Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8
9(* constrain sledgehammer to the abstraction layer *)
10unbundle AOT_no_atp
11
12AOT_theorem "modus-ponens": assumes φ and φ  ψ shows ψ
13  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
14lemmas MP = "modus-ponens"
15
16AOT_theorem "non-con-thm-thm": assumes  φ shows  φ
17  using assms by simp
18
19AOT_theorem "vdash-properties:1[1]": assumes φ  Λ shows  φ
20  using assms unfolding AOT_model_act_axiom_def by blast (* NOTE: semantics needed *)
21
22text‹Convenience attribute for instantiating modally-fragile axioms.›
23attribute_setup act_axiom_inst =
24  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
25  "Instantiate modally fragile axiom as modally fragile theorem."
26
27AOT_theorem "vdash-properties:1[2]": assumes φ  Λ shows  φ
28  using assms unfolding AOT_model_axiom_def by blast (* NOTE: semantics needed *)
29
30text‹Convenience attribute for instantiating modally-strict axioms.›
31attribute_setup axiom_inst =
32  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
33  "Instantiate axiom as theorem."
34
35text‹Convenience methods and theorem sets for applying "cqt:2".›
36method cqt_2_lambda_inst_prover = (fast intro: AOT_instance_of_cqt_2_intro)
37method "cqt:2[lambda]" = (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
38lemmas "cqt:2" = "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst] AOT_instance_of_cqt_2_intro
39method "cqt:2" = (safe intro!: "cqt:2")
40
41AOT_theorem "vdash-properties:3": assumes  φ shows Γ  φ
42  using assms by blast
43
44AOT_theorem "vdash-properties:5": assumes Γ1  φ and Γ2  φ  ψ shows Γ1, Γ2  ψ
45  using MP assms by blast
46
47AOT_theorem "vdash-properties:6": assumes φ and φ  ψ shows ψ
48  using MP assms by blast
49
50AOT_theorem "vdash-properties:8": assumes Γ  φ and φ  ψ shows Γ  ψ
51  using assms by argo
52
53AOT_theorem "vdash-properties:9": assumes φ shows ψ  φ
54  using MP "pl:1"[axiom_inst] assms by blast
55
56AOT_theorem "vdash-properties:10": assumes φ  ψ and φ shows ψ
57  using MP assms by blast
58lemmas "→E" = "vdash-properties:10"
59
60AOT_theorem "rule-gen": assumes for arbitrary α: φ{α} shows α φ{α}
61  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall) (* NOTE: semantics needed *)
62lemmas GEN = "rule-gen"
63
64AOT_theorem "RN[prem]": assumes Γ  φ shows Γ  φ
65  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
66AOT_theorem RN: assumes  φ shows φ
67  using "RN[prem]" assms by blast
68
69AOT_axiom "df-rules-formulas[1]": assumes φ df ψ shows φ  ψ
70  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
71AOT_axiom "df-rules-formulas[2]": assumes φ df ψ shows ψ  φ
72  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
73(* NOTE: for convenience also state the above as regular theorems *)
74AOT_theorem "df-rules-formulas[3]": assumes φ df ψ shows φ  ψ
75  using "df-rules-formulas[1]"[axiom_inst, OF assms].
76AOT_theorem "df-rules-formulas[4]": assumes φ df ψ shows ψ  φ
77  using "df-rules-formulas[2]"[axiom_inst, OF assms].
78
79
80AOT_axiom "df-rules-terms[1]":
81  assumes τ{α1...αn} =df σ{α1...αn}
82  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
83  using assms by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
84AOT_axiom "df-rules-terms[2]":
85  assumes τ =df σ
86  shows (σ  τ = σ) & (¬σ  ¬τ)
87  by (metis "df-rules-terms[1]" case_unit_Unity assms)
88(* NOTE: for convenience also state the above as regular theorems *)
89AOT_theorem "df-rules-terms[3]":
90  assumes τ{α1...αn} =df σ{α1...αn}
91  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
92  using "df-rules-terms[1]"[axiom_inst, OF assms].
93AOT_theorem "df-rules-terms[4]":
94  assumes τ =df σ
95  shows (σ  τ = σ) & (¬σ  ¬τ)
96  using "df-rules-terms[2]"[axiom_inst, OF assms].
97
98
99AOT_theorem "if-p-then-p": φ  φ
100  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
101
102AOT_theorem "deduction-theorem": assumes φ  ψ shows φ  ψ
103  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
104lemmas CP = "deduction-theorem"
105lemmas "→I" = "deduction-theorem"
106
107AOT_theorem "ded-thm-cor:1": assumes Γ1  φ  ψ and Γ2  ψ  χ shows Γ1, Γ2  φ  χ
108  using "→E" "→I" assms by blast
109AOT_theorem "ded-thm-cor:2": assumes Γ1  φ  (ψ  χ) and Γ2  ψ shows Γ1, Γ2  φ  χ
110  using "→E" "→I" assms by blast
111
112AOT_theorem "ded-thm-cor:3": assumes φ  ψ and ψ  χ shows φ  χ
113  using "→E" "→I" assms by blast
114declare "ded-thm-cor:3"[trans]
115AOT_theorem "ded-thm-cor:4": assumes φ  (ψ  χ) and ψ shows φ  χ
116  using "→E" "→I" assms by blast
117
118lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
119
120AOT_theorem "useful-tautologies:1": ¬¬φ  φ
121  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
122AOT_theorem "useful-tautologies:2": φ  ¬¬φ
123  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
124AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
125  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
126AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
127  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
128AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
129  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
130
131AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
132  by (metis "→I" MP "useful-tautologies:4")
133
134AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
135  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
136
137AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
138  by (metis "→I" MP "useful-tautologies:5")
139
140AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
141  by (metis "→I" MP "useful-tautologies:6")
142
143AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
144  by (metis "→I" MP "pl:3"[axiom_inst])
145
146AOT_theorem "dn-i-e:1": assumes φ shows ¬¬φ
147  using MP "useful-tautologies:2" assms by blast
148lemmas "¬¬I" = "dn-i-e:1"
149AOT_theorem "dn-i-e:2": assumes ¬¬φ shows φ
150  using MP "useful-tautologies:1" assms by blast
151lemmas "¬¬E" = "dn-i-e:2"
152
153AOT_theorem "modus-tollens:1": assumes φ  ψ and ¬ψ shows ¬φ
154  using MP "useful-tautologies:5" assms by blast
155AOT_theorem "modus-tollens:2": assumes φ  ¬ψ and ψ shows ¬φ
156  using "¬¬I" "modus-tollens:1" assms by blast
157lemmas MT = "modus-tollens:1" "modus-tollens:2"
158
159AOT_theorem "contraposition:1[1]": assumes φ  ψ shows ¬ψ  ¬φ
160  using "→I" MT(1) assms by blast
161AOT_theorem "contraposition:1[2]": assumes ¬ψ  ¬φ shows φ  ψ
162  using "→I" "¬¬E" MT(2) assms by blast
163
164AOT_theorem "contraposition:2": assumes φ  ¬ψ shows ψ  ¬φ
165  using "→I" MT(2) assms by blast
166
167(* TODO: this is actually a mixture of the two variants given in PLM; adjust. *)
168AOT_theorem "reductio-aa:1":
169  assumes ¬φ  ¬ψ and ¬φ  ψ shows φ
170  using "→I" "¬¬E" MT(2) assms by blast
171AOT_theorem "reductio-aa:2":
172  assumes φ  ¬ψ and φ  ψ shows ¬φ
173  using "reductio-aa:1" assms by blast
174lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
175
176AOT_theorem "exc-mid": φ  ¬φ
177  using "df-rules-formulas[4]" "if-p-then-p" MP "conventions:2" by blast
178
179AOT_theorem "non-contradiction": ¬(φ & ¬φ)
180  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2" "conventions:1" by blast
181
182AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
183  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
184AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
185  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2) "¬¬E" "conventions:1")
186lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
187
188AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
189  by (meson "contraposition:1[2]" "df-rules-formulas[4]" MP "→I" "conventions:2")
190AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
191  using "Hypothetical Syllogism" "df-rules-formulas[4]" "pl:1"[axiom_inst] "conventions:2" by blast
192lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
193
194AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
195  by (metis "contraposition:2" "Hypothetical Syllogism" "→I" "df-rules-formulas[4]" "conventions:1")
196lemmas Adjunction = "con-dis-taut:5"
197
198AOT_theorem "con-dis-taut:6": (φ & φ)  φ
199  by (metis Adjunction "→I" "df-rules-formulas[4]" MP "Conjunction Simplification"(1) "conventions:3")
200lemmas "Idempotence of &" = "con-dis-taut:6"
201
202AOT_theorem "con-dis-taut:7": (φ  φ)  φ
203proof -
204  {
205    AOT_assume φ  φ
206    AOT_hence ¬φ  φ
207      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
208    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
209  }
210  moreover {
211    AOT_assume φ
212    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
213  }
214  ultimately AOT_show (φ  φ)  φ
215    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
216    by (metis Adjunction "→I")
217qed
218lemmas "Idempotence of ∨" = "con-dis-taut:7"
219
220
221AOT_theorem "con-dis-i-e:1": assumes φ and ψ shows φ & ψ
222  using Adjunction MP assms by blast
223lemmas "&I" = "con-dis-i-e:1"
224
225AOT_theorem "con-dis-i-e:2:a": assumes φ & ψ shows φ
226  using "Conjunction Simplification"(1) MP assms by blast
227AOT_theorem "con-dis-i-e:2:b": assumes φ & ψ shows ψ
228  using "Conjunction Simplification"(2) MP assms by blast
229lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
230
231AOT_theorem "con-dis-i-e:3:a": assumes φ shows φ  ψ
232  using "Disjunction Addition"(1) MP assms by blast
233AOT_theorem "con-dis-i-e:3:b": assumes ψ shows φ  ψ
234  using "Disjunction Addition"(2) MP assms by blast
235AOT_theorem "con-dis-i-e:3:c": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
236  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2) "df-rules-formulas[3]" MT(1) RAA(1) "conventions:2" assms)
237lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
238
239AOT_theorem "con-dis-i-e:4:a": assumes φ  ψ and φ  χ and ψ  χ shows χ
240  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
241AOT_theorem "con-dis-i-e:4:b": assumes φ  ψ and ¬φ shows ψ
242  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
243AOT_theorem "con-dis-i-e:4:c": assumes φ  ψ and ¬ψ shows φ
244  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
245lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
246
247AOT_theorem "raa-cor:1": assumes ¬φ  ψ & ¬ψ shows φ
248  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
249AOT_theorem "raa-cor:2": assumes φ  ψ & ¬ψ shows ¬φ
250  using "raa-cor:1" assms by blast
251AOT_theorem "raa-cor:3": assumes φ and ¬ψ  ¬φ shows ψ
252  using RAA assms by blast
253AOT_theorem "raa-cor:4": assumes ¬φ and ¬ψ  φ shows ψ
254  using RAA assms by blast
255AOT_theorem "raa-cor:5": assumes φ and ψ  ¬φ shows ¬ψ
256  using RAA assms by blast
257AOT_theorem "raa-cor:6": assumes ¬φ and ψ  φ shows ¬ψ
258  using RAA assms by blast
259
260(* TODO: note these need manual introduction rules *)
261AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
262  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
263     (metis "&E" "&I" "raa-cor:3" "→I" MP)
264AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
265  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
266     (metis "&E" "&I" "raa-cor:3" "→I" MP)
267AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
268  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
269     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
270
271AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
272  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
273     (meson "&I" "&E" "→I")
274lemmas "Commutativity of &" = "oth-class-taut:2:a"
275AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
276  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
277     (metis "&I" "&E" "→I")
278lemmas "Associativity of &" = "oth-class-taut:2:b"
279AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
280  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
281     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
282lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
283AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
284  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
285     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
286lemmas "Associativity of ∨" = "oth-class-taut:2:d"
287AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
288  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
289      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E" "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
290lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
291AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
292  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
293        "→I" "→E" "&E" "&I"
294  by metis
295lemmas "Associativity of ≡" = "oth-class-taut:2:f"
296
297AOT_theorem "oth-class-taut:3:a": φ  φ
298  using "&I" "vdash-properties:6" "if-p-then-p" "df-rules-formulas[4]" "conventions:3" by blast
299AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
300  using "&I" "useful-tautologies:1" "useful-tautologies:2" "vdash-properties:6" "df-rules-formulas[4]" "conventions:3" by blast
301AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
302  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
303
304AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
305  by (metis "→E" "→I")
306AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
307  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
308        "→I" "→E" "&E" "&I" RAA by metis
309AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
310  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
311        "→I" "→E" "&E" "&I" by metis
312AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
313  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
314        "→I" "→E" "&E" "&I" by metis
315AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
316  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
317        "→I" "→E" "&E" "&I" by metis
318AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
319  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
320        "→I" "→E" "&E" "&I" by metis
321AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
322proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"] "&I" "→I"
323           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
324  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
325    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
326next
327  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
328    using that "∨E" "&E" "raa-cor:3" by blast
329next
330  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
331    using that "∨E" "&E" "raa-cor:3" by blast
332qed
333AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
334proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"] "&I" "→I")
335  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
336    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]" "raa-cor:3" "conventions:3")
337next
338  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
339    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]" "raa-cor:3" "conventions:3")
340qed
341AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
342  using "conventions:3"[THEN "df-rules-formulas[4]"]
343        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
344AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
345  using "conventions:3"[THEN "df-rules-formulas[4]"]
346        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
347AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
348  using "conventions:3"[THEN "df-rules-formulas[4]"]
349        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
350AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
351  using "conventions:3"[THEN "df-rules-formulas[4]"]
352        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
353
354lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
355
356AOT_theorem "oth-class-taut:6:a": (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
357  using "conventions:3"[THEN "df-rules-formulas[4]"]
358        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
359AOT_theorem "oth-class-taut:6:b": (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
360  using "conventions:3"[THEN "df-rules-formulas[4]"]
361        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
362
363AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
364  by (metis "&I" "→E" "→I")
365lemmas Exportation = "oth-class-taut:7:a"
366AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
367  by (metis "&E" "→E" "→I")
368lemmas Importation = "oth-class-taut:7:b"
369
370AOT_theorem "oth-class-taut:8:a": (φ  (ψ  χ))  (ψ  (φ  χ))
371  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I" by metis
372lemmas Permutation = "oth-class-taut:8:a"
373AOT_theorem "oth-class-taut:8:b": (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
374  by (metis "&I" "→E" "→I")
375lemmas Composition = "oth-class-taut:8:b"
376AOT_theorem "oth-class-taut:8:c": (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
377  by (metis "∨E"(2) "→E" "→I" RAA(1))
378AOT_theorem "oth-class-taut:8:d": ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
379  by (metis "&E" "&I" "→E" "→I")
380lemmas "Double Composition" = "oth-class-taut:8:d"
381AOT_theorem "oth-class-taut:8:e": ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
382  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
383            "→I" "→E" "&E" "&I")
384AOT_theorem "oth-class-taut:8:f": ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
385  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
386            "→I" "→E" "&E" "&I")
387AOT_theorem "oth-class-taut:8:g": (ψ  χ)  ((φ  ψ)  (φ  χ))
388  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
389            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
390AOT_theorem "oth-class-taut:8:h": (ψ  χ)  ((ψ  φ)  (χ  φ))
391  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
392            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
393AOT_theorem "oth-class-taut:8:i": (φ  (ψ & χ))  (ψ  (φ  χ))
394  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
395            "→I" "→E" "&E" "&I")
396
397AOT_theorem "intro-elim:1": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
398  by (metis assms "∨I"(1, 2) "∨E"(1) "conventions:3"[THEN "df-rules-formulas[3]"] "→I" "→E" "&E"(1))
399
400AOT_theorem "intro-elim:2": assumes φ  ψ and ψ  φ shows φ  ψ
401  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
402lemmas "≡I" = "intro-elim:2"
403
404AOT_theorem "intro-elim:3:a": assumes φ  ψ and φ shows ψ
405  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
406AOT_theorem "intro-elim:3:b": assumes φ  ψ and ψ shows φ
407  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
408AOT_theorem "intro-elim:3:c": assumes φ  ψ and ¬φ shows ¬ψ
409  using "intro-elim:3:b" "raa-cor:3" assms by blast
410AOT_theorem "intro-elim:3:d": assumes φ  ψ and ¬ψ shows ¬φ
411  using "intro-elim:3:a" "raa-cor:3" assms by blast
412AOT_theorem "intro-elim:3:e": assumes φ  ψ and ψ  χ shows φ  χ
413  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
414declare "intro-elim:3:e"[trans]
415AOT_theorem "intro-elim:3:f": assumes φ  ψ and φ  χ shows χ  ψ
416  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
417lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c" "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
418
419declare "Commutativity of ≡"[THEN "≡E"(1), sym]
420
421AOT_theorem "rule-eq-df:1": assumes φ df ψ shows φ  ψ
422  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
423lemmas "≡Df" = "rule-eq-df:1"
424AOT_theorem "rule-eq-df:2": assumes φ df ψ and φ shows ψ
425  using "≡Df" "≡E"(1) assms by blast
426lemmas "≡dfE" = "rule-eq-df:2"
427AOT_theorem "rule-eq-df:3": assumes φ df ψ and ψ shows φ
428  using "≡Df" "≡E"(2) assms by blast
429lemmas "≡dfI" = "rule-eq-df:3"
430
431AOT_theorem  "df-simplify:1": assumes φ  (ψ & χ) and ψ shows φ  χ
432  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
433(* TODO: this is a slight variation from PLM *)
434AOT_theorem  "df-simplify:2": assumes φ  (ψ & χ) and χ shows φ  ψ
435  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
436lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
437
438AOT_theorem "rule-ui:1": assumes α φ{α} and τ shows φ{τ}
439  using "→E" "cqt:1"[axiom_inst] assms by blast
440AOT_theorem "rule-ui:2[const_var]": assumes α φ{α} shows φ{β}
441  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
442(* TODO: precise proviso in PLM *)
443AOT_theorem "rule-ui:2[lambda]":
444  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
445  shows φ{ν1...νn ψ{ν1...νn}]}
446  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
447AOT_theorem "rule-ui:3": assumes α φ{α} shows φ{α}
448  by (simp add: "rule-ui:2[const_var]" assms)
449lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]" "rule-ui:2[lambda]" "rule-ui:3"
450
451AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β} by (simp add: "∀E"(2) "→I")
452AOT_theorem "cqt-orig:1[lambda]":
453  assumes INSTANCE_OF_CQT_2(ψ)
454  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
455  by (simp add: "∀E"(3) "→I" assms)
456AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
457  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
458AOT_theorem "cqt-orig:3": α φ{α}  φ{α} using "cqt-orig:1[const_var]" .
459
460(* TODO: work out difference to GEN *)
461AOT_theorem universal: assumes for arbitrary β: φ{β} shows α φ{α}
462  using GEN assms .
463lemmas "∀I" = universal
464
465(* Generalized mechanism for "∀I" followed by ∀E *)
466ML467fun get_instantiated_allI ctxt varname thm = let
468val trm = Thm.concl_of thm
469val trm = case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
470                      | _ => raise Term.TERM ("Expected simple theorem.", [trm])
471fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
472    (if fst (fst v) = fst varname then [Var v] else []) (* TODO: care about the index? *)
473  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
474  | extractVars (Abs (_, _, t)) = extractVars t
475  | extractVars _ = []
476val vars = extractVars trm
477val vars = fold Term.add_vars vars []
478val var = hd vars
479val trmty = case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
480              | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
481val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
482      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
483       $ Var var, trm))
484val trm = Thm.cterm_of (Context.proof_of ctxt) trm
485val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
486val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
487val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
488val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
489val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
490in
491allthm
492end
493
494
495attribute_setup "∀I" =
496  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
497  (fn ctxt => fn thm => fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm))
498  "Quantify over a variable in a theorem using GEN."
499
500attribute_setup "unvarify" =
501  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
502  (fn ctxt => fn thm =>
503    let
504    val thm = fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm
505    val thm = fold (fn _ => fn thm => thm RS @{thm "∀E"(1)}) args thm
506    in
507     thm
508    end))
509  "Generalize a statement about variables to a statement about denoting terms."
510
511(* TODO: rereplace-lem does not apply to the embedding *)
512
513AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
514  by (metis "≡I" "∀E"(2) "∀I" "→I")
515
516AOT_theorem "cqt-basic:2": α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
517proof (rule "≡I"; rule "→I")
518  AOT_assume α(φ{α}  ψ{α})
519  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
520  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
521    using "≡E"(1,2) "→I" by blast+
522  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
523    by (auto intro: "&I" "∀I")
524next
525  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
526  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
527    using "∀E"(2) "&E" by blast+
528  AOT_hence φ{α}  ψ{α} for α
529    using "≡I" by blast
530  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
531qed
532
533AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
534proof(rule "→I")
535  AOT_assume α(φ{α}  ψ{α})
536  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
537  {
538    AOT_assume α φ{α}
539    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
540  }
541  moreover {
542    AOT_assume α ψ{α}
543    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
544  }
545  ultimately AOT_show α φ{α}  α ψ{α}
546    using "≡I" "→I" by auto
547qed
548
549AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
550proof(rule "→I")
551  AOT_assume 0: α(φ{α} & ψ{α})
552  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
553  AOT_thus α φ{α} & α ψ{α}
554    by (auto intro: "∀I" "&I")
555qed
556
557AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
558  using "cqt-orig:3" by blast
559
560AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
561  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
562
563AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
564  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
565
566AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
567  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
568
569AOT_theorem "cqt-basic:9": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
570proof -
571  {
572    AOT_assume α (φ{α}  ψ{α})
573    moreover AOT_assume α (ψ{α}  χ{α})
574    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α using "∀E" by blast+
575    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
576    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
577  }
578  thus ?thesis using "&I" "→I" "&E" by meson
579qed
580
581AOT_theorem "cqt-basic:10": (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
582proof(rule "→I"; rule "∀I")
583  fix β
584  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
585  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
586  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
587qed
588
589AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
590proof (rule "≡I"; rule "→I")
591  AOT_assume 0: α(φ{α}  ψ{α})
592  {
593    fix α
594    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
595    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
596  }
597  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
598next
599  AOT_assume 0: α(ψ{α}  φ{α})
600  {
601    fix α
602    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
603    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
604  }
605  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
606qed
607
608AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
609  by (simp add: "∀E"(2) "→I" GEN)
610
611AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
612  using "≡I" "→I" by blast
613
614AOT_theorem "cqt-basic:14": (α1...∀αn (φ{α1...αn}  ψ{α1...αn}))  ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
615  using "cqt:3"[axiom_inst] by auto
616
617AOT_theorem "cqt-basic:15": (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
618  using "cqt-orig:2" by auto
619
620(* TODO: once more the same in the embedding... need to distinguish these better *)
621AOT_theorem "universal-cor": assumes for arbitrary β: φ{β}  shows α φ{α}
622  using GEN assms .
623
624AOT_theorem "existential:1": assumes φ{τ} and τ shows α φ{α}
625proof(rule "raa-cor:1")
626  AOT_assume ¬α φ{α}
627  AOT_hence α ¬φ{α}
628    using "≡dfI" "conventions:4" RAA "&I" by blast
629  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
630  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
631qed
632
633AOT_theorem "existential:2[const_var]": assumes φ{β} shows α φ{α}
634  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
635
636AOT_theorem "existential:2[lambda]":
637  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
638  shows α φ{α}
639  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
640lemmas "∃I" = "existential:1" "existential:2[const_var]" "existential:2[lambda]" 
641
642AOT_theorem "instantiation":
643  assumes for arbitrary β: φ{β}  ψ and α φ{α}
644  shows ψ
645  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
646lemmas "∃E" = "instantiation"
647
648AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
649  using "∀E"(4) "∃I"(2) "→I" by metis
650
651AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
652  using "∀I" "∃I"(2) "→I" RAA by metis
653
654AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
655  using "∀E"(4) "∃E" "→I" RAA
656  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
657
658AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
659  using "∀I" "∃I"(2)"→I" RAA by metis
660
661AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
662  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
663
664AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
665  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
666
667AOT_theorem "cqt-further:7": α φ{α}  β φ{β} (* TODO: vacuous in the embedding *)
668  by (simp add: "oth-class-taut:3:a")
669
670AOT_theorem "cqt-further:8": (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
671  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
672
673AOT_theorem "cqt-further:9": (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
674  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
675
676AOT_theorem "cqt-further:10": (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
677proof(rule "→I"; rule "raa-cor:2")
678  AOT_assume 0: α φ{α} & ¬α ψ{α}
679  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
680  moreover AOT_assume α (φ{α}  ψ{α})
681  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
682  AOT_hence α ψ{α} using "∃I" by blast
683  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
684qed
685
686AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
687  using "≡I" "→I" "∃I"(2) "∃E" by metis
688
689AOT_theorem "log-prop-prop:1":  φ]
690  using "cqt:2[lambda0]"[axiom_inst] by auto
691
692AOT_theorem "log-prop-prop:2": φ
693  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
694
695AOT_theorem "exist-nec": τ  τ
696proof -
697  AOT_have β β
698    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
699  AOT_thus τ  τ
700    using "cqt:1"[axiom_inst] "→E" by blast
701qed
702
703(* TODO: replace this mechanism by a "proof by types" command *)
704class AOT_Term_id = AOT_Term +
705  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
706      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
707
708instance κ :: AOT_Term_id
709proof
710  AOT_modally_strict {
711    AOT_show κ = κ'  κ for κ κ'
712    proof(rule "→I")
713      AOT_assume κ = κ'
714      AOT_hence O!κ  A!κ
715        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
716           (meson "→I" "∨I"(1) "&E"(1))+
717      AOT_thus κ
718        by (rule "∨E"(1))
719           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
720    qed
721  }
722next
723  AOT_modally_strict {
724    AOT_show κ = κ'  κ' for κ κ'
725    proof(rule "→I")
726      AOT_assume κ = κ'
727      AOT_hence O!κ'  A!κ'
728        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
729           (meson "→I" "∨I" "&E")+
730      AOT_thus κ'
731        by (rule "∨E"(1))
732           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
733    qed
734  }
735qed
736
737instance rel :: (AOT_κs) AOT_Term_id
738proof
739  AOT_modally_strict {
740    AOT_show Π = Π'  Π for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
741    proof(rule "→I")
742      AOT_assume Π = Π'
743      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
744    qed
745  }
746next
747  AOT_modally_strict {
748    AOT_show Π = Π'  Π' for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
749    proof(rule "→I")
750      AOT_assume Π = Π'
751      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
752    qed
753  }
754qed
755
756instance 𝗈 :: AOT_Term_id
757proof
758  AOT_modally_strict {
759    fix φ ψ
760    AOT_show φ = ψ  φ
761    proof(rule "→I")
762      AOT_assume φ = ψ
763      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
764    qed
765  }
766next
767  AOT_modally_strict {
768    fix φ ψ
769    AOT_show φ = ψ  ψ
770    proof(rule "→I")
771      AOT_assume φ = ψ
772      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
773    qed
774  }
775qed
776
777instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
778proof
779  AOT_modally_strict {
780    fix τ τ' :: 'a×'b
781    AOT_show τ = τ'  τ
782    proof (induct τ; induct τ'; rule "→I")
783      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
784      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
785      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
786      AOT_hence τ1 and τ2 using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
787      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
788    qed
789  }
790next
791  AOT_modally_strict {
792    fix τ τ' :: 'a×'b
793    AOT_show τ = τ'  τ'
794    proof (induct τ; induct τ'; rule "→I")
795      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
796      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
797      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
798      AOT_hence τ1' and τ2' using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
799      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
800    qed
801  }
802qed
803
804(* TODO: this is the end of the "proof by types" and makes the results available on new theorems *)
805AOT_register_type_constraints
806  Term: _::AOT_Term_id› _::AOT_Term_id›
807AOT_register_type_constraints
808  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
809AOT_register_type_constraints
810  Relation: <_::{AOT_κs, AOT_Term_id}>
811
812AOT_theorem "id-rel-nec-equiv:1": Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
813proof(rule "→I")
814  AOT_assume assumption: Π = Π'
815  AOT_hence Π and Π'
816    using "t=t-proper:1" "t=t-proper:2" MP by blast+
817  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn))  x1...∀xn ([F]x1...xn  [G]x1...xn)))
818    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
819  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn))
820    using "∀E"(1) by blast
821  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
822    using assumption "→E" by blast
823  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
824    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
825  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
826    using "→E" by blast
827qed
828
829AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
830proof(rule "→I")
831  AOT_assume assumption: φ = ψ
832  AOT_hence φ and ψ
833    using "t=t-proper:1" "t=t-proper:2" MP by blast+
834  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
835    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
836  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
837    using "∀E"(1) by blast
838  AOT_hence (φ  φ)  (φ  ψ)
839    using assumption "→E" by blast
840  moreover AOT_have (φ  φ)
841    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
842  ultimately AOT_show (φ  ψ)
843    using "→E" by blast
844qed
845
846AOT_theorem "rule=E": assumes φ{τ} and τ = σ shows φ{σ}
847proof -
848  AOT_have τ and σ using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
849  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
850    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
851  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
852    using "∀E"(1) by blast
853  AOT_thus φ{σ} using assms "→E" by blast
854qed
855
856AOT_theorem "propositions-lemma:1":  φ] = φ
857proof -
858  AOT_have φ by (simp add: "log-prop-prop:2")
859  moreover AOT_have p  p] = p using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
860  ultimately AOT_show  φ] = φ
861    using "∀E" by blast
862qed
863
864AOT_theorem "propositions-lemma:2":  φ]  φ
865proof -
866  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
867  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
868qed
869
870(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
871
872AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
873  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
874
875(* dr-alphabetic-rules does not apply *)
876
877AOT_theorem "oa-exist:1": O!
878proof -
879  AOT_have x [E!]x] by "cqt:2[lambda]"
880  AOT_hence 1: O! = x [E!]x] using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
881  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
882qed
883
884AOT_theorem "oa-exist:2": A!
885proof -
886  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
887  AOT_hence 1: A! = x ¬[E!]x] using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
888  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
889qed
890
891AOT_theorem "oa-exist:3": O!x  A!x
892proof(rule "raa-cor:1")
893  AOT_assume ¬(O!x  A!x)
894  AOT_hence A: ¬O!x and B: ¬A!x
895    using "Disjunction Addition"(1) "modus-tollens:1" "∨I"(2) "raa-cor:5" by blast+
896  AOT_have C: O! = x [E!]x]
897    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
898  AOT_have D: A! = x ¬[E!]x]
899    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
900  AOT_have E: ¬x [E!]x]x
901    using A C "rule=E" by fast
902  AOT_have F: ¬x ¬[E!]x]x
903    using B D "rule=E" by fast
904  AOT_have G: x [E!]x]x  [E!]x
905    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
906  AOT_have H: x ¬[E!]x]x  ¬[E!]x
907    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
908  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
909qed
910
911AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
912proof -
913  AOT_have F = G  F & G & x(x[F]  x[G])
914    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
915  moreover AOT_have F and G
916    by (auto simp: "cqt:2[const_var]"[axiom_inst])
917  ultimately AOT_show F = G  x(x[F]  x[G])
918    using "≡S"(1) "&I" by blast
919qed
920
921AOT_theorem "p-identity-thm2:2[2]": F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
922proof -
923  AOT_have F = G  F & G & y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
924    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
925  moreover AOT_have F and G
926    by (auto simp: "cqt:2[const_var]"[axiom_inst])
927  ultimately show ?thesis
928    using "≡S"(1) "&I" by blast
929qed
930    
931AOT_theorem "p-identity-thm2:2[3]": F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
932proof -
933  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
934    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
935  moreover AOT_have F and G
936    by (auto simp: "cqt:2[const_var]"[axiom_inst])
937  ultimately show ?thesis
938    using "≡S"(1) "&I" by blast
939qed
940
941AOT_theorem "p-identity-thm2:2[4]": F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
942proof -
943  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
944    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
945  moreover AOT_have F and G
946    by (auto simp: "cqt:2[const_var]"[axiom_inst])
947  ultimately show ?thesis
948    using "≡S"(1) "&I" by blast
949qed
950
951AOT_theorem "p-identity-thm2:2":
952  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
953proof -
954  AOT_have F = G  F & G & x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
955    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
956  moreover AOT_have F and G
957    by (auto simp: "cqt:2[const_var]"[axiom_inst])
958  ultimately show ?thesis
959    using "≡S"(1) "&I" by blast
960qed
961
962AOT_theorem "p-identity-thm2:3":
963  p = q  x p] = x q]
964proof -
965  AOT_have p = q  p & q & x p] = x q]
966    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
967  moreover AOT_have p and q
968    by (auto simp: "cqt:2[const_var]"[axiom_inst])
969  ultimately show ?thesis
970    using "≡S"(1) "&I" by blast
971qed
972
973class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
974
975instance κ :: AOT_Term_id_2
976proof
977  AOT_modally_strict {
978    fix x
979    {
980      AOT_assume O!x
981      moreover AOT_have F([F]x  [F]x)
982        using RN GEN "oth-class-taut:3:a" by fast
983      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
984    }
985    moreover {
986      AOT_assume A!x
987      moreover AOT_have F(x[F]  x[F])
988        using RN GEN "oth-class-taut:3:a" by fast
989      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
990    }
991    ultimately AOT_have (O!x & O!x & F([F]x  [F]x))  (A!x & A!x & F(x[F]  x[F]))
992      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
993    AOT_thus x = x
994      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
995  }
996qed
997
998instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
999proof
1000  AOT_modally_strict {
1001    fix F :: "<'a> AOT_var"
1002    AOT_have 0: x1...xn [F]x1...xn] = F
1003      by (simp add: "lambda-predicates:3"[axiom_inst])
1004    AOT_have x1...xn [F]x1...xn]
1005      by "cqt:2[lambda]"
1006    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1007      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1008    AOT_show F = F using "rule=E" 0 by force 
1009  }
1010qed
1011
1012instance 𝗈 :: AOT_Term_id_2
1013proof
1014  AOT_modally_strict {
1015    fix p
1016    AOT_have 0:  p] = p
1017      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1018    AOT_have  p]
1019      by (rule "cqt:2[lambda0]"[axiom_inst])
1020    AOT_hence  p] =  p]
1021      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1022    AOT_show p = p using "rule=E" 0 by force
1023  }
1024qed
1025
1026instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1027proof
1028  AOT_modally_strict {
1029    fix α :: ('a×'b) AOT_var›
1030    AOT_show α = α
1031    proof (induct)
1032      AOT_show τ = τ if τ for τ :: 'a×'b
1033        using that
1034      proof (induct τ)
1035        fix τ1 :: 'a and τ2 :: 'b
1036        AOT_assume «(τ1,τ2)»
1037        AOT_hence τ1 and τ2 using "≡dfE" "&E" tuple_denotes by blast+
1038        AOT_hence τ1 = τ1 and τ2 = τ2 using "id-eq:1"[unvarify α] by blast+
1039        AOT_thus «(τ1, τ2)» = «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_identity_1)
1040      qed
1041    qed
1042  }
1043qed
1044
1045AOT_register_type_constraints
1046  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1047AOT_register_type_constraints
1048  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1049AOT_register_type_constraints
1050  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1051
1052(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1053AOT_theorem "id-eq:2": α = β  β = α
1054(*
1055  TODO: look at this proof generated using:
1056        including AOT_no_atp sledgehammer[isar_proofs = true]
1057proof -
1058  have "(∃φ. [v ⊨ ~β = α → ~φ] ∧ [v ⊨ α = β → φ]) ∨ (∃φ. ¬ [v ⊨ φ{α} → φ{β}])"
1059    by meson
1060  then show ?thesis
1061    by (meson "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" l_"identity:1" "useful-tautologies:1")
1062qed
1063*)
1064(*  by (meson "rule=E" "deduction-theorem") *)
1065proof (rule "→I")
1066  AOT_assume α = β
1067  moreover AOT_have β = β using calculation "rule=E"[of _ "λ τ . «τ = β»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1068  moreover AOT_have α = α  α = α using "if-p-then-p" by blast
1069  ultimately AOT_show β = α
1070    using "→E" "→I" "rule=E"[of _ "λ τ . «(τ = τ)  (τ = α)»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1071qed
1072
1073AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1074  using "rule=E" "→I" "&E" by blast
1075
1076AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1077proof (rule "≡I"; rule "→I")
1078  AOT_assume 0: α = β
1079  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1080  AOT_show γ (α = γ  β = γ)
1081    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1082next
1083  AOT_assume γ (α = γ  β = γ)
1084  AOT_hence α = α  β = α using "∀E"(2) by blast
1085  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1086  AOT_hence β = α using "id-eq:1" "→E" by blast
1087  AOT_thus α = β using "id-eq:2" "→E" by blast
1088qed
1089
1090AOT_theorem "rule=I:1": assumes τ shows τ = τ
1091proof -
1092  AOT_have α (α = α)
1093    by (rule GEN) (metis "id-eq:1")
1094  AOT_thus τ = τ using assms "∀E" by blast
1095qed
1096
1097AOT_theorem "rule=I:2[const_var]": "α = α"
1098  using "id-eq:1".
1099
1100AOT_theorem "rule=I:2[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1101proof -
1102  AOT_have α (α = α)
1103    by (rule GEN) (metis "id-eq:1")
1104  moreover AOT_have ν1...νn φ{ν1...νn}] using assms by (rule "cqt:2[lambda]"[axiom_inst])
1105  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}] using assms "∀E" by blast
1106qed
1107
1108lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1109
1110AOT_theorem "rule-id-df:1":
1111  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1112  shows τ{τ1...τn} = σ{τ1...τn}
1113proof -
1114  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1115    using "df-rules-terms[3]" assms(1) "&E" by blast
1116  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1117    using assms(2) "→E" by blast
1118qed
1119
1120AOT_theorem "rule-id-df:1[zero]":
1121  assumes τ =df σ and σ
1122  shows τ = σ
1123proof -
1124  AOT_have σ  τ = σ
1125    using "df-rules-terms[4]" assms(1) "&E" by blast
1126  AOT_thus τ = σ
1127    using assms(2) "→E" by blast
1128qed
1129
1130AOT_theorem "rule-id-df:2:a":
1131  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1132  shows φ{σ{τ1...τn}}
1133proof -
1134  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1135  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1136qed
1137
1138(* TODO: get rid of this, ideally *)
1139AOT_theorem "rule-id-df:2:a[2]":
1140  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{τ{«(τ1,τ2)»}}
1141  shows φ{σ{«(τ1,τ2)»}}
1142proof -
1143  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1144  proof -
1145    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1146      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1147    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1148      using assms(2) "→E" by blast
1149  qed
1150  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1151qed
1152
1153AOT_theorem "rule-id-df:2:a[zero]":
1154  assumes τ =df σ and σ and φ{τ}
1155  shows φ{σ}
1156proof -
1157  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1158  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1159qed
1160
1161lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1162
1163AOT_theorem "rule-id-df:2:b":
1164  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1165  shows φ{τ{τ1...τn}}
1166proof -
1167  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1168  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1169    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1170  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1171qed
1172
1173(* TODO: get rid of this, ideally *)
1174AOT_theorem "rule-id-df:2:b[2]":
1175  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{σ{«(τ1,τ2)»}}
1176  shows φ{τ{«(τ1,τ2)»}}
1177proof -
1178  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1179  proof -
1180    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1181      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1182    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1183      using assms(2) "→E" by blast
1184  qed
1185  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1186    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1187  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1188qed
1189
1190AOT_theorem "rule-id-df:2:b[zero]":
1191  assumes τ =df σ and σ and φ{σ}
1192  shows φ{τ}
1193proof -
1194  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1195  AOT_hence σ = τ
1196    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1197  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1198qed
1199
1200lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1201
1202AOT_theorem "free-thms:1": τ  β (β = τ)
1203  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1204
1205AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1206  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1207
1208AOT_theorem "free-thms:3[const_var]": β (β = α)
1209  by (meson "∃I"(2) "id-eq:1")
1210
1211AOT_theorem "free-thms:3[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows β (β = ν1...νn φ{ν1...νn}])
1212  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1213
1214AOT_theorem "free-thms:4[rel]": ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1215  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1216
1217(* TODO: this is a rather weird way to formulate this and we don't have tuple-existential-elimination
1218         or tuple-equality-elimination in the theory... Splitting them is also a bit unfortunate, though.*)
1219AOT_theorem "free-thms:4[vars]": ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1220  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1221
1222AOT_theorem "free-thms:4[1,rel]": ([Π]κ  κ[Π])  β (β = Π)
1223  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1224AOT_theorem "free-thms:4[1,1]": ([Π]κ  κ[Π])  β (β = κ)
1225  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1226
1227AOT_theorem "free-thms:4[2,rel]": ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1228  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1229AOT_theorem "free-thms:4[2,1]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1230  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1231AOT_theorem "free-thms:4[2,2]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1232  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1233AOT_theorem "free-thms:4[3,rel]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1234  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1235AOT_theorem "free-thms:4[3,1]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1236  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1237AOT_theorem "free-thms:4[3,2]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1238  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1239AOT_theorem "free-thms:4[3,3]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1240  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1241AOT_theorem "free-thms:4[4,rel]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1242  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1243AOT_theorem "free-thms:4[4,1]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1244  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1245AOT_theorem "free-thms:4[4,2]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1246  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1247AOT_theorem "free-thms:4[4,3]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1248  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1249AOT_theorem "free-thms:4[4,4]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1250  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1251
1252AOT_theorem "ex:1:a": α α
1253  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1254AOT_theorem "ex:1:b": αβ(β = α)
1255  by (rule GEN) (fact "free-thms:3[const_var]")
1256
1257AOT_theorem "ex:2:a": α
1258  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1259AOT_theorem "ex:2:b": β(β = α)
1260  by (rule RN) (fact "free-thms:3[const_var]")
1261
1262AOT_theorem "ex:3:a": α α
1263  by (rule RN) (fact "ex:1:a")
1264AOT_theorem "ex:3:b": αβ(β = α)
1265  by (rule RN) (fact "ex:1:b")
1266
1267AOT_theorem "ex:4:a": α α
1268  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1269AOT_theorem "ex:4:b": αβ(β = α)
1270  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1271
1272AOT_theorem "ex:5:a": α α
1273  by (rule RN) (simp add: "ex:4:a")
1274AOT_theorem "ex:5:b": αβ(β = α)
1275  by (rule RN) (simp add: "ex:4:b")
1276
1277AOT_theorem "all-self=:1": α(α = α)
1278  by (rule RN; rule GEN) (fact "id-eq:1")
1279AOT_theorem "all-self=:2": α(α = α)
1280  by (rule GEN; rule RN) (fact "id-eq:1")
1281
1282AOT_theorem "id-nec:1": α = β  (α = β)
1283proof(rule "→I")
1284  AOT_assume α = β
1285  moreover AOT_have (α = α)
1286    by (rule RN) (fact "id-eq:1")
1287  ultimately AOT_show (α = β) using "rule=E" by fast
1288qed
1289
1290AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1291proof(rule "→I")
1292  AOT_assume asm: τ = σ
1293  moreover AOT_have τ
1294    using calculation "t=t-proper:1" "→E" by blast
1295  moreover AOT_have (τ = τ)
1296    using calculation "all-self=:2" "∀E"(1) by blast
1297  ultimately AOT_show (τ = σ) using "rule=E" by fast
1298qed
1299
1300AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1301proof (rule "≡I"; rule "→I")
1302  AOT_assume asm: φ{α}
1303  AOT_show β (β = α & φ{β})
1304    by (rule "∃I"(2)[where β=α]; rule "&I")
1305       (auto simp: "id-eq:1" asm)
1306next
1307  AOT_assume 0: β (β = α & φ{β})
1308  (* TODO: have another look at this instantiation. Ideally AOT_obtain would resolve directly to the existential
1309           statement as proof obligation *)
1310  AOT_obtain β where β = α & φ{β} using "instantiation"[rotated, OF 0] by blast
1311  AOT_thus φ{α} using "&E" "rule=E" by blast
1312qed
1313
1314AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1315proof(rule "→I")
1316  AOT_assume τ
1317  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1318    by (rule GEN) (fact "term-out:1")
1319  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1320    using "∀E" by blast
1321qed
1322
1323(* TODO: example of an apply-style proof. Keep or reformulate? *)
1324AOT_theorem "term-out:3": (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1325  apply (rule "≡I"; rule "→I")
1326   apply (frule "&E"(1)) apply (drule "&E"(2))
1327   apply (rule GEN; rule "≡I"; rule "→I")
1328  using "rule-ui:2[const_var]" "vdash-properties:5" apply blast
1329  apply (meson "rule=E" "id-eq:1")
1330  apply (rule "&I")
1331  using "id-eq:1" "≡E"(2) "rule-ui:3" apply blast
1332  apply (rule GEN; rule "→I")
1333  using "≡E"(1) "rule-ui:2[const_var]" by blast
1334
1335AOT_theorem "term-out:4": (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1336  using "term-out:3" . (* TODO: same as above - another instance of the generalized alphabetic variant rule... *)
1337
1338(* TODO: would of course be nice to define it without the syntax magic *)
1339AOT_define AOT_exists_unique :: ‹α  φ  φ›
1340  "uniqueness:1": «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1341syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1342AOT_syntax_print_translations
1343  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1344syntax
1345   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ› (∃!_...∃!_ _› [1,40])
1346parse_ast_translation[(syntax_const‹_AOT_exists_unique_ellipse›, fn ctx => fn [a,b,c] =>
1347  Ast.mk_appl (Ast.Constant "AOT_exists_unique") [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1348(syntax_const‹_AOT_exists_unique›,AOT_restricted_binder const_name‹AOT_exists_unique› const_syntax‹AOT_conj›)]
1349print_translationAOT_syntax_print_translations
1350  [AOT_preserve_binder_abs_tr' const_syntax‹AOT_exists_unique› syntax_const‹_AOT_exists_unique› (syntax_const‹_AOT_exists_unique_ellipse›, true) const_name‹AOT_conj›,
1351  AOT_binder_trans @{theory} @{binding "AOT_exists_unique_binder"} syntax_const‹_AOT_exists_unique›]
1352
1353
1354
1355context AOT_meta_syntax
1356begin
1357notation AOT_exists_unique (binder "!" 20)
1358end
1359context AOT_no_meta_syntax
1360begin
1361no_notation AOT_exists_unique (binder "!" 20)
1362end
1363
1364AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1365proof(rule "≡I"; rule "→I")
1366    AOT_assume ∃!α φ{α}
1367    AOT_hence α (φ{α} & β (φ{β}  β = α))
1368      using "uniqueness:1" "≡dfE" by blast
1369    then AOT_obtain α where φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1370    AOT_hence β(φ{β}  β = α) using "term-out:3" "≡E" by blast
1371    AOT_thus αβ(φ{β}  β = α)
1372      using "∃I" by fast
1373next
1374    AOT_assume αβ(φ{β}  β = α)
1375    then AOT_obtain α where β (φ{β}  β = α) using "instantiation"[rotated] by blast
1376    AOT_hence φ{α} & β (φ{β}  β = α) using "term-out:3" "≡E" by blast
1377    AOT_hence α (φ{α} & β (φ{β}  β = α))
1378      using "∃I" by fast
1379    AOT_thus ∃!α φ{α}
1380      using "uniqueness:1" "≡dfI" by blast
1381qed
1382
1383AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1384proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1385  fix β γ
1386  AOT_assume ∃!α φ{α}
1387  AOT_hence αβ(φ{β}  β = α)
1388    using "uniqueness:2" "≡E" by blast
1389  then AOT_obtain α where β(φ{β}  β = α)
1390    using "instantiation"[rotated] by blast
1391  moreover AOT_assume φ{β} & φ{γ}
1392  ultimately AOT_have β = α and γ = α
1393    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1394  AOT_thus β = γ
1395    by (metis "rule=E" "id-eq:2" "→E")
1396qed
1397
1398AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1399proof (rule "→I"; rule "→I")
1400  AOT_assume a: α(φ{α}  φ{α})
1401  AOT_assume ∃!α φ{α}
1402  AOT_hence α (φ{α} & β (φ{β}  β = α)) using "uniqueness:1" "≡dfE" by blast
1403  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1404  AOT_have φ{α}
1405    using ξ a "&E" "∀E" "→E" by fast
1406  moreover AOT_have β (φ{β}  β = α)
1407    apply (rule GEN; rule "→I")
1408    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
1409  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1410    using "&I" by blast
1411  AOT_thus ∃!α φ{α}
1412    using "uniqueness:1" "≡dfI" "∃I" by fast
1413qed
1414
1415AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1416  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1417
1418AOT_theorem "nec-imp-act": φ  𝒜φ
1419  by (metis "act-cond" "contraposition:1[2]" "≡E"(4) "qml:2"[THEN act_closure, axiom_inst] "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1420
1421AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1422  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] by blast
1423
1424AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1425  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] RAA(1))
1426
1427AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1428proof -
1429  AOT_have (φ  (ψ  (φ & ψ)))
1430    by (rule RN) (fact Adjunction)
1431  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1432    using "nec-imp-act" "→E" by blast
1433  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1434    using "act-cond" "→E" by blast
1435  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1436    by (fact "act-cond")
1437  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1438    using "→I" "→E" by metis
1439  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1440    by (metis Importation "→E")
1441qed
1442
1443AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1444proof -
1445  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1446    by (fact "act-conj-act:3")
1447  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1448    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1449  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1450    using "→E" by blast
1451  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1452    using "conventions:3"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst] by blast
1453  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1454    using "act-cond" "→E" by blast
1455  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1456qed
1457
1458(* TODO: consider introducing AOT_inductive *)
1459inductive arbitrary_actualization for φ where
1460  arbitrary_actualization φ «𝒜φ»
1461| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1462declare arbitrary_actualization.cases[AOT] arbitrary_actualization.induct[AOT]
1463        arbitrary_actualization.simps[AOT] arbitrary_actualization.intros[AOT]
1464syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop› ("ARBITRARY'_ACTUALIZATION'(_,_')")
1465
1466notepad
1467begin
1468  AOT_modally_strict {
1469    fix φ
1470    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1471      using AOT_PLM.arbitrary_actualization.intros by metis
1472    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1473      using AOT_PLM.arbitrary_actualization.intros by metis
1474    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1475      using AOT_PLM.arbitrary_actualization.intros by metis
1476  }
1477end
1478
1479
1480AOT_theorem "closure-act:1": assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ) shows ψ
1481using assms proof(induct)
1482  case 1
1483  AOT_show 𝒜(𝒜φ  φ)
1484    by (simp add: "act-conj-act:4")
1485next
1486  case (2 ψ)
1487  AOT_thus 𝒜ψ
1488    by (metis arbitrary_actualization.simps "≡E"(1) "logic-actual-nec:4"[axiom_inst])
1489qed
1490
1491AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1492  by (simp add: "act-conj-act:4" "∀I")
1493
1494AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1495  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "logic-actual-nec:3"[axiom_inst] "logic-actual-nec:4"[axiom_inst] "∀I")
1496
1497AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1498  using "closure-act:3" .
1499
1500(* TODO: examine these proofs *)
1501AOT_act_theorem "RA[1]": assumes  φ shows  𝒜φ
1502  ― ‹While this proof is rejected in PLM, we merely state it as modally-fragile rule, which addresses the concern in PLM.›
1503  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst] "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1504AOT_theorem "RA[2]": assumes  φ shows  𝒜φ
1505  ― ‹This rule is in fact a consequence of RN and does not require an appeal to the semantics itself.›
1506  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1507AOT_theorem "RA[3]": assumes Γ  φ shows 𝒜Γ  𝒜φ
1508  text‹While this is derivable from the semantics, it is not derivable without,
1509       but apparently no proof actually relies on it. If this turns out to be required,
1510       it is valid to derive it from the semantics just like RN, but we refrain from doing
1511       so, unless necessary.›
1512 (*  using assms by (meson AOT_sem_act imageI) *)
1513  oops
1514
1515AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1516  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem" "≡I" "logic-actual"[act_axiom_inst])
1517
1518AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1519  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1" "useful-tautologies:2" by blast
1520
1521AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1522  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1523
1524AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1525proof (rule "≡I"; rule "→I")
1526  AOT_assume 𝒜(φ & ψ)
1527  moreover AOT_have 𝒜((φ & ψ)  φ)
1528    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1529  moreover AOT_have 𝒜((φ & ψ)  ψ)
1530    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1531  ultimately AOT_show 𝒜φ & 𝒜ψ
1532    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1533next
1534  AOT_assume 𝒜φ & 𝒜ψ
1535  AOT_thus 𝒜(φ & ψ)
1536    using "act-conj-act:3" "vdash-properties:6" by blast
1537qed
1538
1539AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1540proof (rule "≡I"; rule "→I")
1541  AOT_assume 𝒜(φ  ψ)
1542  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1543    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1544  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1545    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1546  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1547    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1548next
1549  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1550  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1551    by (metis "act-conj-act:3" "vdash-properties:10")
1552  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1553    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]" "vdash-properties:1[2]")
1554  ultimately AOT_show 𝒜(φ  ψ)
1555    using "act-cond"[THEN "→E", THEN "→E"] by metis
1556qed
1557
1558AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1559proof (rule "≡I"; rule "→I")
1560  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1561  AOT_show 𝒜φ  𝒜ψ
1562    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1563next
1564  AOT_assume 𝒜φ  𝒜ψ
1565  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1566    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1567qed
1568
1569AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1570  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1571
1572AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1573  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1574
1575AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1576  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act" "qml-act:2"[axiom_inst])
1577
1578AOT_theorem "Act-Basic:8": φ  𝒜φ
1579  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1580
1581AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1582proof (rule "≡I"; rule "→I")
1583  AOT_assume 𝒜(φ  ψ)
1584  AOT_thus 𝒜φ  𝒜ψ
1585  proof (rule "raa-cor:3")
1586    AOT_assume ¬(𝒜φ  𝒜ψ)
1587    AOT_hence ¬𝒜φ & ¬𝒜ψ
1588      by (metis "≡E"(1) "oth-class-taut:5:d")
1589    AOT_hence 𝒜¬φ & 𝒜¬ψ
1590      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1591    AOT_hence 𝒜(¬φ & ¬ψ)
1592      using "≡E" "Act-Basic:2" by metis
1593    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1594      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1595    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1596      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1597    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1598    AOT_thus ¬𝒜(φ  ψ)
1599      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1600  qed
1601next
1602  AOT_assume 𝒜φ  𝒜ψ
1603  AOT_thus 𝒜(φ  ψ)
1604    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
1605qed
1606
1607AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1608proof -
1609  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1610    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1611       (metis "logic-actual-nec:3"[axiom_inst])
1612  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1613    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1614       (rule "logic-actual-nec:1"[THEN universal_closure, axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1615  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1616    using "conventions:4"[THEN "df-rules-formulas[1]", THEN act_closure, axiom_inst]
1617          "conventions:4"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst]
1618    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1619  also AOT_have   ¬𝒜α ¬φ{α}
1620    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1621  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1622  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1623  also AOT_have   α 𝒜 φ{α}
1624    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1625  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1626qed
1627
1628
1629AOT_theorem "Act-Basic:11": 𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1630proof(rule "≡I"; rule "→I")
1631  AOT_assume 𝒜α(φ{α}  ψ{α})
1632  AOT_hence α𝒜(φ{α}  ψ{α})
1633    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1634  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1635  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1636  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1637next
1638  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1639  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1640  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1641  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1642  AOT_thus 𝒜α(φ{α}  ψ{α})
1643    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1644qed
1645
1646AOT_act_theorem "act-quant-uniq": β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1647proof(rule "≡I"; rule "→I")
1648  AOT_assume β(𝒜φ{β}  β = α)
1649  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1650  AOT_hence φ{β}  β = α for β
1651    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1652    by metis
1653  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1654next
1655  AOT_assume β(φ{β}  β = α)
1656  AOT_hence φ{β}  β = α for β using "∀E" by blast
1657  AOT_hence 𝒜φ{β}  β = α for β
1658    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1659    by metis
1660  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
1661qed
1662
1663AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
1664  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
1665
1666AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
1667  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" "fund-cont-desc" "≡E"(5) by blast
1668
1669
1670locale russel_axiom =
1671  fixes ψ
1672  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
1673begin
1674AOT_act_theorem "russell-axiom": ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
1675proof -
1676  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
1677    using hintikka "∀I" by fast
1678  show ?thesis
1679  proof(rule "≡I"; rule "→I")
1680    AOT_assume c: ψ{ιx φ{x}}
1681    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1682    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1683    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1684    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a)) using b "∀E" by blast
1685    ultimately AOT_have φ{a} & z(φ{z}  z = a) using "≡E" by blast
1686    moreover AOT_have ψ{a}
1687    proof - 
1688      AOT_have 1: xy(x = y  y = x)
1689        by (simp add: "id-eq:2" "universal-cor")
1690      AOT_have a = ιx φ{x}   ιx φ{x} = a
1691        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1692           (auto simp: 1 d "universal-cor")
1693      AOT_thus ψ{a}
1694        using a_def c "rule=E" "→E" by blast
1695    qed
1696    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
1697    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
1698  next
1699    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
1700    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1701    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b)) using b "∀E" by blast
1702    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1703    AOT_hence b = ιx φ{x} using h "≡E" by blast
1704    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1705  qed
1706qed
1707end
1708
1709(* TODO: this nicely shows off using locales with the embedding, but maybe there is still a nicer way *)
1710(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these instantiation instead of referring
1711         to cqt:5:a - should be fixed *)
1712interpretation "russell-axiom[exe,1]": russel_axiom λ κ . «[Π]κ»
1713  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
1714interpretation "russell-axiom[exe,2,1,1]": russel_axiom λ κ . «[Π]κκ'»
1715  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
1716interpretation "russell-axiom[exe,2,1,2]": russel_axiom λ κ . «[Π]κ'κ»
1717  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1718interpretation "russell-axiom[exe,2,2]": russel_axiom λ κ . «[Π]κκ»
1719  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1720interpretation "russell-axiom[exe,3,1,1]": russel_axiom λ κ . «[Π]κκ'κ''»
1721  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1722interpretation "russell-axiom[exe,3,1,2]": russel_axiom λ κ . «[Π]κ'κκ''»
1723  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1724interpretation "russell-axiom[exe,3,1,3]": russel_axiom λ κ . «[Π]κ'κ''κ»
1725  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1726interpretation "russell-axiom[exe,3,2,1]": russel_axiom λ κ . «[Π]κκκ'»
1727  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1728interpretation "russell-axiom[exe,3,2,2]": russel_axiom λ κ . «[Π]κκ'κ»
1729  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1730interpretation "russell-axiom[exe,3,2,3]": russel_axiom λ κ . «[Π]κ'κκ»
1731  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1732interpretation "russell-axiom[exe,3,3]": russel_axiom λ κ . «[Π]κκκ»
1733  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1734
1735interpretation "russell-axiom[enc,1]": russel_axiom λ κ . «κ[Π]»
1736  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
1737interpretation "russell-axiom[enc,2,1]": russel_axiom λ κ . «κκ'[Π]»
1738  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
1739interpretation "russell-axiom[enc,2,2]": russel_axiom λ κ . «κ'κ[Π]»
1740  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1741interpretation "russell-axiom[enc,2,3]": russel_axiom λ κ . «κκ[Π]»
1742  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1743interpretation "russell-axiom[enc,3,1,1]": russel_axiom λ κ . «κκ'κ''[Π]»
1744  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1745interpretation "russell-axiom[enc,3,1,2]": russel_axiom λ κ . «κ'κκ''[Π]»
1746  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1747interpretation "russell-axiom[enc,3,1,3]": russel_axiom λ κ . «κ'κ''κ[Π]»
1748  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1749interpretation "russell-axiom[enc,3,2,1]": russel_axiom λ κ . «κκκ'[Π]»
1750  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1751interpretation "russell-axiom[enc,3,2,2]": russel_axiom λ κ . «κκ'κ[Π]»
1752  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1753interpretation "russell-axiom[enc,3,2,3]": russel_axiom λ κ . «κ'κκ[Π]»
1754  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1755interpretation "russell-axiom[enc,3,3]": russel_axiom λ κ . «κκκ[Π]»
1756  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1757
1758AOT_act_theorem "1-exists:1": ιx φ{x}  ∃!x φ{x}
1759proof(rule "≡I"; rule "→I")
1760  AOT_assume ιx φ{x}
1761  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1762  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1763  AOT_hence φ{a} & z (φ{z}  z = a) using hintikka "≡E" by blast
1764  AOT_hence x (φ{x} & z (φ{z}  z = x)) by (rule "∃I")
1765  AOT_thus ∃!x φ{x} using "uniqueness:1"[THEN "≡dfI"] by blast
1766next
1767  AOT_assume ∃!x φ{x}
1768  AOT_hence x (φ{x} & z (φ{z}  z = x))
1769    using "uniqueness:1"[THEN "≡dfE"] by blast
1770  then AOT_obtain b where φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
1771  AOT_hence b = ιx φ{x} using hintikka "≡E" by blast
1772  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1773qed
1774
1775AOT_act_theorem "1-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
1776  using "1-exists:1" "free-thms:1" "≡E"(6) by blast
1777
1778AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
1779  using "&E"(1) "→I" hintikka "≡E"(1) by blast
1780
1781AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1". (* TODO: same as above *)
1782
1783AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
1784proof(rule "→I")
1785  AOT_assume ιx φ{x}
1786  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1787  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1788  moreover AOT_have φ{a} using calculation hintikka "≡E"(1) "&E" by blast
1789  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
1790qed
1791
1792AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
1793  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
1794
1795
1796AOT_theorem "act-quant-nec": β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
1797proof(rule "≡I"; rule "→I")
1798  AOT_assume β (𝒜φ{β}  β = α)
1799  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1800  AOT_hence 𝒜𝒜φ{β}  β = α for β 
1801    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1802  AOT_thus β(𝒜𝒜φ{β}  β = α)
1803    by (rule "∀I")
1804next
1805  AOT_assume β(𝒜𝒜φ{β}  β = α)
1806  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
1807  AOT_hence 𝒜φ{β}  β = α for β
1808    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1809  AOT_thus β (𝒜φ{β}  β = α)
1810    by (rule "∀I")
1811qed
1812
1813AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
1814proof -
1815  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)  using descriptions[axiom_inst] by blast
1816  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
1817  proof(rule "≡I"; rule "→I"; rule "∀I")
1818    AOT_assume z (𝒜φ{z}  z = x)
1819    AOT_hence 𝒜φ{a}  a = x for a using "∀E" by blast
1820    AOT_thus 𝒜𝒜φ{a}  a = x for a by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1821  next
1822    AOT_assume z (𝒜𝒜φ{z}  z = x)
1823    AOT_hence 𝒜𝒜φ{a}  a = x for a using "∀E" by blast
1824    AOT_thus 𝒜φ{a}  a = x for a  by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1825  qed
1826  also AOT_have ...  x = ιx(𝒜φ{x})
1827    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
1828  finally show ?thesis .
1829qed
1830
1831AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
1832proof(rule "→I")
1833  AOT_assume ιx φ{x}
1834  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1835  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1836  moreover AOT_have a = ιx(𝒜φ{x}) using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
1837  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x}) using "rule=E" by fast
1838qed
1839
1840AOT_theorem "nec-hintikka-scheme": x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
1841proof -
1842  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x) using descriptions[axiom_inst] by blast
1843  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
1844    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
1845  finally show ?thesis.
1846qed
1847
1848AOT_theorem "equiv-desc-eq:1": 𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1849proof(rule "→I"; rule "∀I")
1850  fix β
1851  AOT_assume 𝒜x(φ{x}  ψ{x})
1852  AOT_hence 𝒜(φ{x}  ψ{x}) for x using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
1853  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x by (metis "Act-Basic:5" "≡E"(1))
1854  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β) using "nec-hintikka-scheme" by blast
1855  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1856  proof (rule "≡I"; rule "→I")
1857    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
1858    AOT_hence 𝒜φ{z}  z = β for z using "&E" "∀E" by blast
1859    AOT_hence 𝒜ψ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1860    AOT_hence z(𝒜ψ{z}  z = β) using "∀I" by fast
1861    moreover AOT_have 𝒜ψ{β} using "&E" 0[THEN "≡E"(1)] 1 by blast
1862    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β) using "&I" by blast
1863  next
1864    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1865    AOT_hence 𝒜ψ{z}  z = β for z using "&E" "∀E" by blast
1866    AOT_hence 𝒜φ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1867    AOT_hence z(𝒜φ{z}  z = β) using "∀I" by fast
1868    moreover AOT_have 𝒜φ{β} using "&E" 0[THEN "≡E"(2)] 1 by blast
1869    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β) using "&I" by blast
1870  qed
1871  also AOT_have ...  β = ιx ψ{x}
1872    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
1873  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
1874qed
1875
1876AOT_theorem "equiv-desc-eq:2": ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1877proof(rule "→I")
1878  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
1879  AOT_hence 0: y (y = ιx φ{x}) and
1880            1: x (x = ιx φ{x}  x = ιx ψ{x})
1881    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
1882  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1883  moreover AOT_have a = ιx ψ{x} using calculation 1 "∀E" "≡E"(1) by fast
1884  ultimately AOT_show ιx φ{x} = ιx ψ{x}
1885    using "rule=E" by fast
1886qed
1887
1888AOT_theorem "equiv-desc-eq:3": ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1889  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E" "nec-imp-act"[THEN "→E"] by metis
1890
1891(* Note: this is a special case of "exist-nec" *)
1892AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
1893proof(rule "→I")
1894  AOT_assume ιx φ{x}
1895  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1896  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1897  AOT_thus ιx φ{x}
1898    using "ex:2:a" "rule=E" by fast
1899qed
1900
1901AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
1902proof(rule "→I")
1903  AOT_assume ιx φ{x}
1904  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1905  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1906  AOT_hence (a = ιx φ{x}) by (metis "id-nec:2" "vdash-properties:10")
1907  AOT_thus y (y = ιx φ{x}) by (rule "∃I")
1908qed
1909
1910AOT_act_theorem "equiv-desc-eq2:1": x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1911  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:1"[THEN "→E"]
1912        "RA[1]" "deduction-theorem" by blast
1913
1914AOT_act_theorem "equiv-desc-eq2:2": ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1915  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:2"[THEN "→E", OF "&I"]
1916        "RA[1]" "deduction-theorem" "&E" by metis
1917
1918context russel_axiom
1919begin
1920AOT_theorem "nec-russell-axiom": ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1921proof -
1922  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
1923    using "nec-hintikka-scheme" "∀I" by fast
1924  show ?thesis
1925  proof(rule "≡I"; rule "→I")
1926    AOT_assume c: ψ{ιx φ{x}}
1927    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1928    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1929    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1930    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a)) using b "∀E" by blast
1931    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) using "≡E" by blast
1932    moreover AOT_have ψ{a}
1933    proof - 
1934      AOT_have 1: xy(x = y  y = x)
1935        by (simp add: "id-eq:2" "universal-cor")
1936      AOT_have a = ιx φ{x}   ιx φ{x} = a
1937        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1938           (auto simp: d "universal-cor" 1)
1939      AOT_thus ψ{a}
1940        using a_def c "rule=E" "→E" by metis
1941    qed
1942    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a} by (rule "&I")
1943    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x}) by (rule "∃I")
1944  next
1945    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1946    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1947    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b)) using b "∀E" by blast
1948    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1949    AOT_hence b = ιx φ{x} using h "≡E" by blast
1950    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1951  qed
1952qed
1953end
1954
1955AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
1956proof (rule "≡I"; rule "→I")
1957  AOT_assume ιx φ{x}
1958  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1959  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1960  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1961    using descriptions[axiom_inst] by blast
1962  ultimately AOT_have z(𝒜φ{z}  z = a)
1963    using "≡E" by blast
1964  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
1965  AOT_thus ∃!x 𝒜φ{x}
1966    using "uniqueness:2"[THEN "≡E"(2)] by fast
1967next
1968  AOT_assume ∃!x 𝒜φ{x}
1969  AOT_hence xz(𝒜φ{z}  z = x)
1970    using "uniqueness:2"[THEN "≡E"(1)] by fast
1971  then AOT_obtain a where z(𝒜φ{z}  z = a) using "instantiation"[rotated] by blast
1972  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1973    using descriptions[axiom_inst] by blast
1974  ultimately AOT_have a = ιx φ{x} using "≡E" by blast
1975  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1976qed
1977
1978AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
1979  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme" "reductio-aa:2" "vdash-properties:9" by blast
1980
1981AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
1982  using "actual-desc:2". (* TODO: same as above *)
1983
1984AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
1985proof(rule "→I")
1986  AOT_assume ιx φ{x}
1987  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1988  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1989  AOT_thus 𝒜φ{ιx φ{x}}
1990    using "actual-desc:2" "rule=E" "→E" by fast
1991qed
1992
1993(* TODO: take another look at proof in PLM *)
1994AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
1995proof(rule "→I")
1996  AOT_assume 0: ιx φ{x} = ιx ψ{x}
1997  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
1998    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
1999  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x}) by (metis "rule=I:1" "existential:1")+
2000  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2001    using "instantiation"[rotated] by metis
2002
2003  AOT_have αβ (α = β  β = α) by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2004  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2005    using "∀E" φ_down by blast
2006  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2007    using "∀E" ψ_down by blast
2008  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2009    "→E" by blast
2010
2011  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2012  proof(rule "≡I"; rule "→I")
2013    AOT_assume 𝒜φ{x}
2014    moreover AOT_have 𝒜φ{x}  x = a for x
2015      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)] "∀E" by blast
2016    ultimately AOT_have x = a using "→E" by blast
2017    AOT_hence x = ιx φ{x} using a_eq "rule=E" by blast
2018    AOT_hence x = ιx ψ{x} using 0 "rule=E" by blast
2019    AOT_thus 𝒜ψ{x} by (metis "actual-desc:3" "vdash-properties:6")
2020  next
2021    AOT_assume 𝒜ψ{x}
2022    moreover AOT_have 𝒜ψ{x}  x = b for x
2023      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)] "∀E" by blast
2024    ultimately AOT_have x = b using "→E" by blast
2025    AOT_hence x = ιx ψ{x} using b_eq "rule=E" by blast
2026    AOT_hence x = ιx φ{x} using 1 "rule=E" by blast
2027    AOT_thus 𝒜φ{x} by (metis "actual-desc:3" "vdash-properties:6")
2028  qed
2029  AOT_hence 𝒜(φ{x}  ψ{x}) for x by (metis "Act-Basic:5" "≡E"(2))
2030  AOT_hence x 𝒜(φ{x}  ψ{x}) by (rule "∀I")
2031  AOT_thus 𝒜x (φ{x}  ψ{x})
2032    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2033qed    
2034
2035AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2036proof(rule "→I")
2037  AOT_assume ∃!x φ{x}
2038  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2039    using "uniqueness:1"[THEN "≡dfE"] by blast
2040  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
2041  AOT_show y (y = ιx φ{x}  φ{y})
2042  proof(rule GEN; rule "→I")
2043    fix y
2044    AOT_assume y = ιx φ{x}
2045    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y) using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2046    AOT_hence 𝒜φ{b}  b = y using "&E" "∀E" by blast
2047    moreover AOT_have 𝒜φ{b} using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2048    ultimately AOT_have b = y using "→E" by blast
2049    moreover AOT_have φ{b} using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2050    ultimately AOT_show φ{y} using "rule=E" by blast
2051  qed
2052qed
2053
2054AOT_theorem "!box-desc:2": x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2055proof(rule "→I"; rule "→I")
2056  AOT_assume x (φ{x}  φ{x})
2057  moreover AOT_assume ∃!x φ{x}
2058  ultimately AOT_have ∃!x φ{x}
2059    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2060  AOT_thus y (y = ιx φ{x}  φ{y})
2061    using "!box-desc:1" "→E" by blast
2062qed
2063
2064AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ} (* TODO: vacuous *)
2065  by (simp add: "rule=I:1" "→I")
2066
2067AOT_theorem "RM:1[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2068proof -
2069  AOT_have Γ  (φ  ψ) using "RN[prem]" assms by blast
2070  AOT_thus Γ  φ  ψ by (metis "qml:1"[axiom_inst] "→E")
2071qed
2072
2073AOT_theorem "RM:1": assumes  φ  ψ shows  φ  ψ
2074  using "RM:1[prem]" assms by blast
2075
2076lemmas RM = "RM:1"
2077
2078AOT_theorem "RM:2[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2079proof -
2080  AOT_have Γ  ¬ψ  ¬φ using assms 
2081    by (simp add: "contraposition:1[1]")
2082  AOT_hence Γ  ¬ψ  ¬φ using "RM:1[prem]" by blast
2083  AOT_thus Γ  φ  ψ
2084    by (meson "≡dfE" "≡dfI" "conventions:5" "deduction-theorem" "modus-tollens:1")
2085qed
2086
2087AOT_theorem "RM:2": assumes  φ  ψ shows  φ  ψ
2088  using "RM:2[prem]" assms by blast
2089
2090lemmas "RM◇" = "RM:2"
2091
2092AOT_theorem "RM:3[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2093proof -
2094  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2095  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:1[prem]" by metis+
2096  AOT_thus Γ  φ  ψ
2097    by (simp add: "≡I")
2098qed
2099
2100AOT_theorem "RM:3": assumes  φ  ψ shows  φ  ψ
2101  using "RM:3[prem]" assms by blast
2102
2103lemmas RE = "RM:3"
2104
2105AOT_theorem "RM:4[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2106proof -
2107  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2108  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:2[prem]" by metis+
2109  AOT_thus Γ  φ  ψ by (simp add: "≡I")
2110qed
2111
2112AOT_theorem "RM:4": assumes  φ  ψ shows  φ  ψ
2113  using "RM:4[prem]" assms by blast
2114
2115lemmas "RE◇" = "RM:4"
2116
2117AOT_theorem "KBasic:1": φ  (ψ  φ)
2118  by (simp add: RM "pl:1"[axiom_inst])
2119
2120AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2121  by (simp add: RM "useful-tautologies:3")
2122
2123AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2124proof (rule "≡I"; rule "→I")
2125  AOT_assume (φ & ψ)
2126  AOT_thus φ & ψ
2127    by (meson RM "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2128next
2129  AOT_have φ  (ψ  (φ & ψ)) by (simp add: "RM:1" Adjunction)
2130  AOT_hence φ  (ψ  (φ & ψ))  by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2131  moreover AOT_assume φ & ψ
2132  ultimately AOT_show (φ & ψ)
2133    using "→E" "&E" by blast
2134qed
2135
2136AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2137proof -
2138  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2139    by (fact "KBasic:3")
2140  AOT_modally_strict {
2141    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2142      by (fact "conventions:3"[THEN "≡Df"])
2143  }
2144  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2145    by (rule RE)
2146  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2147    using "≡E"(5) by blast
2148qed
2149
2150AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2151proof -
2152  AOT_have (φ  ψ)  (φ  ψ)
2153    by (fact "qml:1"[axiom_inst])
2154  moreover AOT_have (ψ  φ)  (ψ  φ)
2155    by (fact "qml:1"[axiom_inst])
2156  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2157    by (metis "&I" MP "Double Composition")
2158  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2159    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2160  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2161    by (metis "Hypothetical Syllogism")
2162qed
2163
2164AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2165  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "vdash-properties:10" by blast
2166AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2167proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2168  AOT_assume φ & ψ
2169  AOT_hence φ and ψ using "&E" by blast+
2170  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2171  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2172  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2173next
2174  AOT_assume ¬φ & ¬ψ
2175  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2176  AOT_modally_strict {
2177    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2178      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2179  }
2180  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2181    by (rule RM)
2182  AOT_thus (φ  ψ) using 0 "→E" by blast
2183qed(auto)
2184
2185AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2186  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2187AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2188  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2189AOT_theorem "KBasic:10": φ  ¬¬φ
2190  by (simp add: "RM:3" "oth-class-taut:3:b")
2191AOT_theorem "KBasic:11": ¬φ  ¬φ
2192proof (rule "≡I"; rule "→I")
2193  AOT_show ¬φ if ¬φ
2194    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2195next
2196  AOT_show ¬φ if ¬φ
2197    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2198qed
2199AOT_theorem "KBasic:12": φ  ¬¬φ
2200proof (rule "≡I"; rule "→I")
2201  AOT_show ¬¬φ if φ
2202    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2203next
2204  AOT_show φ if ¬¬φ
2205  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2206qed
2207AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2208proof -
2209  AOT_have φ  ψ  φ  ψ by blast
2210  AOT_hence (φ  ψ)  φ  ψ
2211    using "RM:2[prem]" by blast
2212  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2213qed
2214lemmas "K◇" = "KBasic:13"
2215AOT_theorem "KBasic:14": φ  ¬¬φ
2216  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2217AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2218proof -
2219  AOT_modally_strict {
2220    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2221      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2222  }
2223  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2224    using RM by blast+
2225  AOT_thus (φ  ψ)  (φ  ψ)
2226    by (metis "∨E"(1) "deduction-theorem")
2227qed
2228
2229AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2230  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism" Importation "vdash-properties:6")
2231
2232AOT_theorem "rule-sub-lem:1:a":
2233  assumes  (ψ  χ)
2234  shows  ¬ψ  ¬χ
2235  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2236        "≡E"(1) "oth-class-taut:4:b" by blast
2237
2238AOT_theorem "rule-sub-lem:1:b":
2239  assumes  (ψ  χ)
2240  shows  (ψ  Θ)  (χ  Θ)
2241  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2242  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2243
2244AOT_theorem "rule-sub-lem:1:c":
2245  assumes  (ψ  χ)
2246  shows  (Θ  ψ)  (Θ  χ)
2247  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2248  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2249
2250AOT_theorem "rule-sub-lem:1:d":
2251  assumes for arbitrary α:  (ψ{α}  χ{α})
2252  shows  α ψ{α}  α χ{α}
2253proof -
2254  AOT_modally_strict {
2255    AOT_have α (ψ{α}  χ{α})
2256      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2257    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2258    AOT_show α ψ{α}  α χ{α}
2259    proof (rule "≡I"; rule "→I")
2260      AOT_assume α ψ{α}
2261      AOT_hence ψ{α} for α using "∀E" by blast
2262      AOT_hence χ{α} for α using 0 "≡E" by blast
2263      AOT_thus α χ{α} by (rule "∀I")
2264    next
2265      AOT_assume α χ{α}
2266      AOT_hence χ{α} for α using "∀E" by blast
2267      AOT_hence ψ{α} for α using 0 "≡E" by blast
2268      AOT_thus α ψ{α} by (rule "∀I")
2269    qed
2270  }
2271qed
2272
2273AOT_theorem "rule-sub-lem:1:e":
2274  assumes  (ψ  χ)
2275  shows   ψ]   χ]
2276  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2277  using "≡E"(1) "propositions-lemma:6" by blast
2278
2279AOT_theorem "rule-sub-lem:1:f":
2280  assumes  (ψ  χ)
2281  shows  𝒜ψ  𝒜χ
2282  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2283  by (metis "Act-Basic:5" "≡E"(1))
2284
2285AOT_theorem "rule-sub-lem:1:g":
2286  assumes  (ψ  χ)
2287  shows  ψ  χ
2288  using "KBasic:6" assms "vdash-properties:6" by blast
2289
2290text‹Note that instead of deriving @{text "rule-sub-lem:2"}, @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2291     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2292
2293class AOT_subst =
2294  fixes AOT_subst :: "('a  𝗈)  bool"
2295    and AOT_subst_cond :: "'a  'a  bool"
2296  assumes AOT_subst: "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2297
2298named_theorems AOT_substI
2299
2300instantiation 𝗈 :: AOT_subst
2301begin
2302
2303inductive AOT_subst_𝗈 where
2304  AOT_subst_𝗈_id[AOT_substI]: "AOT_subst_𝗈 (λφ. φ)"
2305| AOT_subst_𝗈_const[AOT_substI]: "AOT_subst_𝗈 (λφ. ψ)"
2306| AOT_subst_𝗈_not[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)"
2307| AOT_subst_𝗈_imp[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)"
2308| AOT_subst_𝗈_lambda0[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))"
2309| AOT_subst_𝗈_act[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)"
2310| AOT_subst_𝗈_box[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)"
2311| AOT_subst_𝗈_by_def[AOT_substI]: "( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ))  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ"
2312
2313definition AOT_subst_cond_𝗈 where "AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]"
2314
2315instance
2316proof
2317  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2318  assume cond: ‹AOT_subst_cond ψ χ
2319  assume ‹AOT_subst φ
2320  moreover AOT_have  ψ  χ using cond unfolding AOT_subst_cond_𝗈_def by blast
2321  ultimately AOT_show  φ{ψ}  φ{χ}
2322  proof (induct arbitrary: ψ χ)
2323    case AOT_subst_𝗈_id
2324    thus ?case using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2325  next
2326    case (AOT_subst_𝗈_const ψ)
2327    thus ?case by (simp add: "oth-class-taut:3:a")
2328  next
2329    case (AOT_subst_𝗈_not Θ)
2330    thus ?case by (simp add: RN "rule-sub-lem:1:a")
2331  next
2332    case (AOT_subst_𝗈_imp Θ Ξ)
2333    thus ?case by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2334  next
2335    case (AOT_subst_𝗈_lambda0 Θ)
2336    thus ?case by (simp add: RN "rule-sub-lem:1:e")
2337  next
2338    case (AOT_subst_𝗈_act Θ)
2339    thus ?case by (simp add: RN "rule-sub-lem:1:f")
2340  next
2341    case (AOT_subst_𝗈_box Θ)
2342    thus ?case by (simp add: RN "rule-sub-lem:1:g")
2343  next
2344    case (AOT_subst_𝗈_by_def Θ Ξ)
2345    AOT_modally_strict {
2346      AOT_have Ξ{ψ}  Ξ{χ} using AOT_subst_𝗈_by_def by simp
2347      AOT_thus Θ{ψ}  Θ{χ}
2348        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ] "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2349        by (metis "≡E"(6) "oth-class-taut:3:a")
2350    }
2351  qed
2352qed
2353end
2354
2355instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2356begin
2357
2358definition AOT_subst_cond_fun :: "('a  'b)  ('a  'b)  bool" where
2359  "AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α)) (ψ (AOT_term_of_var α))"
2360
2361inductive AOT_subst_fun :: "(('a  'b)  𝗈)  bool" where
2362  AOT_subst_fun_const[AOT_substI]: "AOT_subst_fun (λφ. ψ)"
2363| AOT_subst_fun_id[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))"
2364| AOT_subst_fun_all[AOT_substI]: "AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α)))  AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)"
2365| AOT_subst_fun_not[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)"
2366| AOT_subst_fun_imp[AOT_substI]: "AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)"
2367| AOT_subst_fun_lambda0[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))"
2368| AOT_subst_fun_act[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)"
2369| AOT_subst_fun_box[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)"
2370| AOT_subst_fun_def[AOT_substI]: "( φ . AOT_model_equiv_def (Θ φ) (Ψ φ))  AOT_subst_fun Ψ  AOT_subst_fun Θ"
2371
2372instance proof
2373  fix ψ χ :: "'a  'b" and φ :: ('a  'b)  𝗈›
2374  assume ‹AOT_subst φ
2375  moreover assume cond: ‹AOT_subst_cond ψ χ
2376  ultimately AOT_show  «φ ψ»  «φ χ»
2377  proof(induct)
2378    case (AOT_subst_fun_const ψ)
2379    then show ?case by (simp add: "oth-class-taut:3:a")
2380  next
2381  case (AOT_subst_fun_id Ψ x)
2382  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2383  next
2384  next
2385  case (AOT_subst_fun_all Ψ Θ)
2386  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2387    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2388  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2389    by (simp add: RN "rule-sub-lem:1:d" AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2390  next
2391  case (AOT_subst_fun_not Ψ)
2392  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2393  next
2394  case (AOT_subst_fun_imp Ψ Θ)
2395  then show ?case 
2396    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2397    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "vdash-properties:6")
2398  next
2399  case (AOT_subst_fun_lambda0 Θ)
2400  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2401  next
2402  case (AOT_subst_fun_act Θ)
2403  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2404  next
2405  case (AOT_subst_fun_box Θ)
2406  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2407  next
2408  case (AOT_subst_fun_def Θ Ψ)
2409  then show ?case
2410    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2411  qed
2412qed
2413end
2414
2415ML2416fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2417          fun findHeadConst (Const x) = SOME x
2418            | findHeadConst (A $ _) = findHeadConst A
2419            | findHeadConst _ = NONE
2420          fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _) = findHeadConst lhs
2421            | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2422            | findDef (Abs (_,_,c)) = findDef c
2423            | findDef _ = NONE
2424          val const_opt = (findDef trm)
2425          val defs = case const_opt of SOME const => List.filter (fn thm => let
2426              val concl = Thm.concl_of thm
2427              val thmconst = (findDef concl)
2428              in case thmconst of SOME (c,_) => fst const = c | _ => false end) (AOT_Definitions.get ctxt)
2429              | _ => []
2430          val tac = case defs of [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2431                    | _ => resolve_tac ctxt defs 1
2432        in tac end) 1)
2433fun getSubstThm ctxt reversed phi p q = let
2434val p_ty = Term.type_of p
2435val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2436val abs = Syntax.check_term ctxt abs
2437val substThm = Goal.prove ctxt [] [] abs (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2438val substThm = substThm RS @{thm AOT_subst}
2439in if reversed then let
2440  val substThm = Drule.instantiate_normalize ([],[((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2441          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2442  val substThm = substThm RS @{thm "≡E"(1)}
2443  in substThm end
2444else
2445  let
2446  val substThm = Drule.instantiate_normalize ([],[((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2447          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2448  val substThm = substThm RS @{thm "≡E"(2)}
2449  in substThm end end
2450
2451
2452method_setup AOT_subst = 2453Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2454Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax
2455) -- Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |-- Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) -- Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2456>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
2457(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2458let
2459val thms = prems
2460val ctxt' = ctxt
2461val ctxt = Context_Position.set_visible false ctxt
2462val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
2463
2464val ctxt = (fold (fn (bound, ty) => fn ctxt =>
2465  let
2466    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
2467    val ty = Option.map (Syntax.read_typ ctxt) ty
2468    val ctxt = case ty of SOME ty => let
2469        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
2470        val bound = Syntax.check_term ctxt bound
2471      in Variable.declare_term bound ctxt end | _ => ctxt
2472  in ctxt end)) raw_bounds ctxt
2473
2474val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
2475val p = Syntax.check_term ctxt p
2476val ctxt = Variable.declare_term p ctxt
2477val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
2478val q = Syntax.check_term ctxt q
2479val ctxt = Variable.declare_term q ctxt
2480
2481val bounds = (map (fn (bound, _) => Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound))) raw_bounds
2482val p = fold (fn bound => fn p => let in Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)) end) bounds p
2483val p = Syntax.check_term ctxt p
2484val p_ty = Term.type_of p
2485
2486val pat = @{const Trueprop} $ (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $ (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
2487val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
2488val univ = hd (Seq.list_of univ) (* TODO: choose? try all? filter? *)
2489val phi = the (Envir.lookup univ (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
2490
2491val q = fold (fn bound => fn q => let in Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q)) end) bounds q
2492val q = Syntax.check_term ctxt q
2493
2494(* Reparse to report bounds as fixes. *)
2495val ctxt = Context_Position.restore_visible ctxt' ctxt
2496val ctxt' = ctxt
2497fun unsource str = fst (Input.source_content (Syntax.read_input str))
2498val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) => (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds) ctxt'
2499val _ = (map (fn (x,_) => Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x))) raw_bounds
2500val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
2501val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
2502
2503in
2504resolve_tac ctxt [getSubstThm ctxt (case reversed of SOME x => true | _ => false) phi p q] 1
2505THEN simp_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]) 1
2506THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
2507THEN (TRY (resolve_tac ctxt thms 1))
2508end
2509) ctxt 1))))
2510
2511
2512method_setup AOT_subst_def = 2513Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2514Attrib.thm
2515>> (fn (reversed,fact) => (fn ctxt =>
2516(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2517let
2518val c = Thm.concl_of fact
2519val (lhs, rhs) = case c of (const‹Trueprop› $ (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
2520  | _ => raise Fail "Definition expected."
2521val substCond = HOLogic.mk_Trueprop (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
2522val substCond = Syntax.check_term (Proof_Context.set_mode Proof_Context.mode_schematic ctxt) substCond
2523val substCondThm = Goal.prove ctxt [] [] substCond (fn {context=ctxt, prems=prems} =>
2524      (SUBGOAL (fn (trm,int) =>
2525        auto_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}, fact RS @{thm "≡Df"}])) 1))
2526val substThm = substCondThm RSN (2,@{thm AOT_subst})
2527in
2528resolve_tac ctxt [substThm RS (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
2529THEN prove_AOT_subst_tac ctxt
2530THEN (TRY (resolve_tac ctxt prems 1))
2531end
2532) ctxt 1))))
2533
2534
2535method_setup AOT_subst_thm = 2536Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2537Attrib.thm
2538>> (fn (reversed,fact) => (fn ctxt =>
2539(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2540let
2541val c = Thm.concl_of fact
2542val (lhs, rhs) = case c of (const‹Trueprop› $ (const‹AOT_model_valid_in› $ _ $ (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
2543  | _ => raise Fail "Equivalence expected."
2544
2545val substCond = HOLogic.mk_Trueprop (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
2546val substCond = Syntax.check_term (Proof_Context.set_mode Proof_Context.mode_schematic ctxt) substCond
2547val substCondThm = Goal.prove ctxt [] [] substCond (fn {context=ctxt, prems=prems} =>
2548      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}, fact])) 1))
2549val substThm = substCondThm RSN (2,@{thm AOT_subst})
2550in
2551resolve_tac ctxt [substThm RS (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
2552THEN prove_AOT_subst_tac ctxt
2553THEN (TRY (resolve_tac ctxt prems 1))
2554end
2555) ctxt 1))))
2556
2557
2558AOT_theorem "rule-sub-remark:1[1]": assumes  A!x  ¬E!x and ¬A!x shows ¬¬E!x
2559  by (AOT_subst (reverse) ¬E!x A!x)
2560     (auto simp: assms) 
2561
2562AOT_theorem "rule-sub-remark:1[2]": assumes  A!x  ¬E!x and  ¬¬E!x shows ¬A!x
2563  by (AOT_subst A!x ¬E!x)
2564     (auto simp: assms)
2565
2566AOT_theorem "rule-sub-remark:2[1]":
2567  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy shows p  [R]xy & ([Q]a  ¬[Q]a)
2568  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2569
2570AOT_theorem "rule-sub-remark:2[2]":
2571  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy & ([Q]a  ¬[Q]a) shows p  [R]xy
2572  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2573
2574AOT_theorem "rule-sub-remark:3[1]":
2575  assumes for arbitrary x:  A!x  ¬E!x
2576      and x A!x
2577    shows x ¬E!x
2578  by (AOT_subst (reverse) ¬E!x A!x for: x)
2579     (auto simp: assms)
2580
2581AOT_theorem "rule-sub-remark:3[2]":
2582  assumes for arbitrary x:  A!x  ¬E!x
2583      and x ¬E!x
2584    shows x A!x
2585  by (AOT_subst A!x ¬E!x for: x)
2586     (auto simp: assms)
2587
2588AOT_theorem "rule-sub-remark:4[1]":
2589  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x shows 𝒜[P]x
2590  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2591
2592AOT_theorem "rule-sub-remark:4[2]":
2593  assumes  ¬¬[P]x  [P]x and 𝒜[P]x shows 𝒜¬¬[P]x
2594  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2595
2596AOT_theorem "rule-sub-remark:5[1]":
2597  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ) shows (¬ψ  ¬φ)
2598  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2599
2600AOT_theorem "rule-sub-remark:5[2]":
2601  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ) shows (φ  ψ) 
2602  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2603
2604AOT_theorem "rule-sub-remark:6[1]":
2605  assumes  ψ  χ and (φ  ψ) shows (φ  χ) 
2606  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2607
2608AOT_theorem "rule-sub-remark:6[2]":
2609  assumes  ψ  χ and (φ  χ) shows (φ  ψ)
2610  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2611
2612AOT_theorem "rule-sub-remark:7[1]":
2613  assumes  φ  ¬¬φ and (φ  φ) shows (¬¬φ  φ) 
2614  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2615
2616AOT_theorem "rule-sub-remark:7[2]":
2617  assumes  φ  ¬¬φ and (¬¬φ  φ) shows  (φ  φ)
2618  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2619
2620AOT_theorem "KBasic2:1": ¬φ  ¬φ
2621  by (meson "conventions:5" "contraposition:2" "Hypothetical Syllogism" "df-rules-formulas[3]"
2622            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
2623
2624AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
2625proof -
2626  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
2627    by (simp add: "RE◇" "oth-class-taut:5:b")
2628  also AOT_have   ¬(¬φ & ¬ψ)
2629    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2630  also AOT_have   ¬(¬φ & ¬ψ)
2631    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
2632  also AOT_have   ¬(¬φ & ¬ψ)
2633    using "KBasic2:1"
2634    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ; auto simp: "oth-class-taut:3:a")
2635  also AOT_have   ¬¬(φ  ψ)
2636    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
2637  also AOT_have   φ  ψ
2638    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
2639  finally show ?thesis .
2640qed
2641
2642AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
2643  by (metis "RM◇" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "deduction-theorem" "modus-tollens:1" "reductio-aa:1")
2644
2645AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
2646proof -
2647  AOT_have (φ  ψ)  (¬φ  ψ)
2648    by (AOT_subst φ  ψ ¬φ  ψ)
2649       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
2650  also AOT_have ...  ¬φ  ψ
2651    by (simp add: "KBasic2:2")
2652  also AOT_have ...  ¬φ  ψ
2653    by (AOT_subst ¬φ ¬φ)
2654       (auto simp: "KBasic:11" "oth-class-taut:3:a")
2655  also AOT_have ...  φ  ψ
2656    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
2657  finally show ?thesis .
2658qed
2659
2660AOT_theorem "KBasic2:5": φ  ¬¬φ
2661  using "conventions:5"[THEN "≡Df"]
2662  by (AOT_subst φ ¬¬φ; AOT_subst ¬¬φ ¬¬¬¬φ; AOT_subst (reverse) ¬¬¬φ ¬φ)
2663     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
2664
2665
2666AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
2667proof(rule "→I"; rule "raa-cor:1")
2668  AOT_assume (φ  ψ)
2669  AOT_hence (¬φ  ψ)
2670    using "conventions:2"[THEN "≡Df"]
2671    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
2672  AOT_hence 1: ¬φ  ψ using "KBasic:13" "vdash-properties:10" by blast
2673  AOT_assume ¬(φ  ψ)
2674  AOT_hence ¬φ and ¬ψ using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
2675  AOT_thus ψ & ¬ψ using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
2676qed
2677
2678AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
2679proof(rule "→I"; frule "&E"(1); drule "&E"(2))
2680  AOT_assume (φ  ψ)
2681  AOT_hence 1: φ  ψ
2682    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
2683  AOT_assume ¬φ
2684  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
2685  AOT_thus ψ using 1 "∨E"(2) by blast
2686qed
2687
2688AOT_theorem "T-S5-fund:1": φ  φ
2689  by (meson "≡dfI" "conventions:5" "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" "qml:2"[axiom_inst])
2690lemmas "T◇" = "T-S5-fund:1"
2691
2692AOT_theorem "T-S5-fund:2": φ  φ
2693proof(rule "→I")
2694  AOT_assume φ
2695  AOT_hence ¬¬φ
2696    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
2697  moreover AOT_have ¬φ  ¬φ
2698    by (fact "qml:3"[axiom_inst])
2699  ultimately AOT_have ¬¬φ
2700    using "modus-tollens:1" by blast
2701  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
2702qed
2703lemmas "5◇" = "T-S5-fund:2"
2704
2705(* Also interestingly none of these have proofs in PLM. *)
2706AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
2707  by (AOT_subst 𝒜¬φ ¬𝒜φ)
2708     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
2709
2710AOT_theorem "Act-Sub:2": φ  𝒜φ
2711  using "conventions:5"[THEN "≡Df"]
2712  by (AOT_subst φ ¬¬φ)
2713     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
2714            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
2715
2716AOT_theorem "Act-Sub:3": 𝒜φ  φ
2717  using "conventions:5"[THEN "≡Df"]
2718  by (AOT_subst φ ¬¬φ)
2719     (metis "Act-Sub:1" "deduction-theorem" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
2720
2721
2722AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
2723proof (rule "≡I"; rule "→I")
2724  AOT_assume 𝒜φ
2725  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
2726next
2727  AOT_assume 𝒜φ
2728  AOT_hence ¬¬𝒜φ
2729    using "≡dfE" "conventions:5" by blast
2730  AOT_hence ¬𝒜¬φ
2731    by (AOT_subst 𝒜¬φ ¬𝒜φ)
2732       (simp add: "logic-actual-nec:1"[axiom_inst])
2733  AOT_thus 𝒜φ
2734      using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4) "reductio-aa:1" by blast
2735qed
2736
2737AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
2738  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "deduction-theorem" "≡E"(1) "≡E"(2) "vdash-properties:6")
2739
2740AOT_theorem "S5Basic:1": φ  φ
2741  by (simp add: "≡I" "qml:2" "qml:3" "vdash-properties:1[2]")
2742
2743AOT_theorem "S5Basic:2": φ  φ
2744  by (simp add: "T◇" "5◇" "≡I")
2745
2746AOT_theorem "S5Basic:3": φ  φ
2747  using "T◇" "Hypothetical Syllogism" "qml:3" "vdash-properties:1[2]" by blast
2748lemmas "B" = "S5Basic:3"
2749
2750AOT_theorem "S5Basic:4": φ  φ
2751  using "5◇" "Hypothetical Syllogism" "qml:2" "vdash-properties:1[2]" by blast
2752lemmas "B◇" = "S5Basic:4"
2753
2754AOT_theorem "S5Basic:5": φ  φ
2755  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
2756lemmas "4" = "S5Basic:5"
2757
2758AOT_theorem "S5Basic:6": φ  φ
2759  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
2760
2761AOT_theorem "S5Basic:7": φ  φ
2762  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
2763  by (AOT_subst φ ¬¬φ;
2764      AOT_subst φ ¬¬φ;
2765      AOT_subst (reverse) ¬¬¬φ ¬φ;
2766      AOT_subst (reverse) ¬φ ¬φ)
2767     (auto simp: "S5Basic:6" "if-p-then-p")
2768
2769lemmas "4◇" = "S5Basic:7"
2770
2771AOT_theorem "S5Basic:8": φ  φ
2772  by (simp add: "4◇" "T◇" "≡I")
2773
2774AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
2775  apply (rule "≡I"; rule "→I")
2776  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10" apply blast
2777  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "con-dis-taut:7"
2778            "intro-elim:1" "Commutativity of ∨")
2779
2780AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
2781(* Note: nicely this proof is entirely sledgehammer generated *)
2782proof(rule "≡I"; rule "→I")
2783  AOT_assume (φ  ψ)
2784  AOT_hence φ  ψ
2785    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
2786  AOT_thus φ  ψ
2787    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
2788next
2789  AOT_assume φ  ψ
2790  AOT_hence φ  ψ
2791    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
2792  AOT_thus (φ  ψ)
2793    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
2794qed
2795
2796AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
2797proof -
2798  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
2799    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
2800       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
2801  also AOT_have   ¬(¬φ  ¬ψ)
2802    by (AOT_subst ¬ψ ¬ψ)
2803       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2804  also AOT_have   ¬(¬φ  ¬ψ)
2805    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2806  also AOT_have   ¬(¬φ  ¬ψ)
2807    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
2808  also AOT_have   ¬(¬φ  ¬ψ)
2809    using "KBasic2:1"
2810    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
2811       (auto simp:  "oth-class-taut:3:a")
2812  also AOT_have   φ & ψ
2813    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
2814  finally show ?thesis .
2815qed
2816
2817AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
2818proof (rule "≡I"; rule "→I")
2819  AOT_assume (φ & ψ)
2820  AOT_hence φ & ψ
2821    using "KBasic2:3" "vdash-properties:6" by blast
2822  AOT_thus φ & ψ
2823    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
2824next
2825  AOT_assume φ & ψ
2826  moreover AOT_have (ψ & φ)  (φ & ψ)
2827    by (AOT_subst φ & ψ ψ & φ)
2828       (auto simp: "Commutativity of &" "KBasic:16")
2829  ultimately AOT_show (φ & ψ)
2830    by (metis "4" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2831qed
2832
2833
2834AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
2835proof (rule "≡I")
2836  AOT_modally_strict {
2837    AOT_have (φ  ψ)  (φ  ψ)
2838      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "deduction-theorem")
2839  }
2840  AOT_hence (φ  ψ)  (φ  ψ)
2841    by (rule RM)
2842  AOT_thus  (φ  ψ)  (φ  ψ)
2843    using "4" "Hypothetical Syllogism" by blast
2844next
2845  AOT_modally_strict {
2846    AOT_have (φ  ψ)  (φ  ψ)
2847      by (meson "B" "Hypothetical Syllogism" "deduction-theorem" "qml:1" "vdash-properties:1[2]")
2848  }
2849  AOT_hence  (φ  ψ)  (φ  ψ)
2850    by (rule RM)
2851  AOT_thus (φ  ψ)  (φ  ψ)
2852    using "4" "Hypothetical Syllogism" by blast
2853qed
2854
2855AOT_theorem "derived-S5-rules:1":
2856  assumes Γ  φ  ψ shows Γ  φ  ψ
2857proof -
2858  AOT_have Γ  φ  ψ
2859    using assms by (rule "RM:1[prem]")
2860  AOT_thus Γ  φ  ψ
2861    using "B" "Hypothetical Syllogism" by blast
2862qed
2863
2864AOT_theorem "derived-S5-rules:2":
2865  assumes Γ  φ  ψ shows Γ  φ  ψ
2866proof -
2867  AOT_have Γ  φ  ψ
2868    using assms by (rule "RM:2[prem]")
2869  AOT_thus Γ  φ  ψ
2870    using "B◇" "Hypothetical Syllogism" by blast
2871qed
2872
2873AOT_theorem "BFs:1": α φ{α}  α φ{α}
2874proof -
2875  AOT_modally_strict {
2876    AOT_modally_strict {
2877      AOT_have α φ{α}  φ{α} for α by (fact AOT)
2878    }
2879    AOT_hence α φ{α}  φ{α} for α by (rule "RM◇")
2880    AOT_hence α φ{α}  α φ{α}
2881      using "B◇" "∀I" "→E" "→I" by metis
2882  }
2883  thus ?thesis using "derived-S5-rules:1" by blast
2884qed
2885lemmas "BF" = "BFs:1"
2886
2887AOT_theorem "BFs:2": α φ{α}  α φ{α}
2888proof -
2889  AOT_have α φ{α}  φ{α} for α using RM "cqt-orig:3" by metis
2890  thus ?thesis using  "cqt-orig:2"[THEN "→E"] "∀I" by metis
2891qed
2892lemmas "CBF" = "BFs:2"
2893
2894AOT_theorem "BFs:3": α φ{α}  α φ{α}
2895proof(rule "→I")
2896  AOT_modally_strict {
2897    AOT_have α ¬φ{α}  α ¬φ{α}
2898      using BF CBF "≡I" by blast
2899  } note θ = this
2900
2901  AOT_assume α φ{α}
2902  AOT_hence ¬¬(α φ{α})
2903    using "≡dfE" "conventions:5" by blast
2904  AOT_hence ¬α ¬φ{α}
2905    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
2906    using "≡dfI" "conventions:3" "conventions:4" "&I" "contraposition:2" "cqt-further:4"
2907          "df-rules-formulas[1]" "vdash-properties:1[2]" by blast
2908  AOT_hence ¬α ¬φ{α}
2909    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
2910    using θ by blast
2911  AOT_hence ¬α ¬¬¬φ{α}
2912    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
2913       (simp add: "oth-class-taut:3:b")
2914  AOT_hence α ¬¬φ{α}
2915    by (rule "conventions:4"[THEN "≡dfI"])
2916  AOT_thus α φ{α}
2917    using "conventions:5"[THEN "≡Df"]
2918    by (AOT_subst φ{α} ¬¬φ{α} for: α)
2919qed
2920lemmas "BF◇" = "BFs:3"
2921
2922AOT_theorem "BFs:4": α φ{α}  α φ{α}
2923proof(rule "→I")
2924  AOT_assume α φ{α}
2925  AOT_hence ¬α ¬φ{α}
2926    using "conventions:4"[THEN "≡dfE"] by blast
2927  AOT_hence ¬α ¬φ{α}
2928    using "KBasic2:1"
2929    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
2930  moreover AOT_have α ¬φ{α}  α ¬φ{α}
2931    using "≡I" "BF" "CBF" by metis
2932  ultimately AOT_have 1: ¬α ¬φ{α}
2933    using "≡E"(3) by blast
2934  AOT_show α φ{α}
2935    apply (rule "conventions:5"[THEN "≡dfI"])
2936    apply (AOT_subst α φ{α} ¬α ¬φ{α})
2937     apply (simp add: "conventions:4" "≡Df")
2938    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
2939    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
2940qed
2941lemmas "CBF◇" = "BFs:4"
2942
2943AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
2944proof(rule "→I")
2945  AOT_assume α φ{α}
2946  then AOT_obtain α where φ{α} using "∃E" by metis
2947  moreover AOT_have α
2948    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
2949  moreover AOT_have φ{τ}, τ  α φ{α} for τ
2950  proof -
2951    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
2952    AOT_thus φ{τ}, τ  α φ{α}
2953      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
2954  qed
2955  ultimately AOT_show α φ{α} by blast
2956qed
2957lemmas Buridan = "sign-S5-thm:1"
2958
2959AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
2960proof -
2961  AOT_have α (α φ{α}  φ{α})
2962    by (simp add: "RM◇" "cqt-orig:3" "∀I")
2963  AOT_thus α φ{α}  α φ{α}
2964    using "∀E"(4) "∀I" "→E" "→I" by metis
2965qed
2966lemmas "Buridan◇" = "sign-S5-thm:2"
2967
2968AOT_theorem "sign-S5-thm:3": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
2969  apply (rule "RM:2")
2970  by (metis (no_types, lifting) "instantiation" "&I" "&E"(1)
2971                                "&E"(2) "deduction-theorem" "existential:2[const_var]")
2972
2973AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
2974  apply (rule "RM:2")
2975  by (meson "instantiation" "&E"(1) "deduction-theorem" "existential:2[const_var]")
2976
2977AOT_theorem "sign-S5-thm:5": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
2978proof -
2979  {
2980    fix φ' ψ' χ'
2981    AOT_assume  φ' & ψ'  χ'
2982    AOT_hence φ' & ψ'  χ'
2983      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2984      using "&E" "&I" "→E" "→I" by metis
2985  } note R = this
2986  show ?thesis by (rule R; fact AOT)
2987qed
2988
2989AOT_theorem "sign-S5-thm:6": (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
2990proof -
2991  {
2992    fix φ' ψ' χ'
2993    AOT_assume  φ' & ψ'  χ'
2994    AOT_hence φ' & ψ'  χ'
2995      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2996      using "&E" "&I" "→E" "→I" by metis
2997  } note R = this
2998  show ?thesis by (rule R; fact AOT)
2999qed
3000
3001AOT_theorem "exist-nec2:1": τ  τ
3002  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3003
3004AOT_theorem "exists-nec2:2": τ  τ
3005  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec" "exist-nec2:1" "≡I" "nec-imp-act")
3006
3007AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3008  using "KBasic2:1" "deduction-theorem" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3009
3010AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3011  by (metis "Act-Sub:3" "KBasic:12" "deduction-theorem" "exist-nec" "exists-nec2:3" "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3012
3013AOT_theorem "id-nec2:1": α = β  α = β
3014  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3015
3016AOT_theorem "id-nec2:2": α  β  α  β
3017  apply (AOT_subst α  β ¬(α = β))
3018  using "=-infix"[THEN "≡Df"] apply blast
3019  using "KBasic2:1" "deduction-theorem" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3020
3021AOT_theorem "id-nec2:3": α  β  α  β
3022  apply (AOT_subst α  β ¬(α = β))
3023  using "=-infix"[THEN "≡Df"] apply blast
3024  by (metis "KBasic:11" "deduction-theorem" "id-nec:2" "≡E"(3) "reductio-aa:2" "vdash-properties:6")
3025
3026AOT_theorem "id-nec2:4": α = β  α = β
3027  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3028
3029AOT_theorem "id-nec2:5": α  β  α  β
3030  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3031
3032AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3033  apply (rule "≡I"; rule "→I")
3034  using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:10" apply blast
3035  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2) "raa-cor:5" "vdash-properties:6")
3036
3037AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3038  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "deduction-theorem" "≡I" "nec-imp-act" "raa-cor:2" "vdash-properties:10")
3039
3040AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3041proof (rule "→I"; rule "≡I"; rule "→I")
3042  AOT_assume (φ  φ)
3043  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3044  moreover AOT_assume ¬φ
3045  ultimately AOT_have ¬φ
3046    using "modus-tollens:1" by blast
3047  AOT_thus ¬φ
3048    using "KBasic2:1" "≡E"(2) by blast
3049next
3050  AOT_assume (φ  φ)
3051  moreover AOT_assume ¬φ
3052  ultimately AOT_show ¬φ
3053    using "modus-tollens:1" "qml:2" "vdash-properties:10" "vdash-properties:1[2]" by blast
3054qed
3055
3056AOT_theorem "sc-eq-box-box:4": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3057proof(rule "→I"; rule "→I")
3058  AOT_assume θ: (φ  φ) & (ψ  ψ)
3059  AOT_assume ξ: φ  ψ
3060  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3061    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3062  moreover {
3063    AOT_assume φ & ψ
3064    AOT_hence (φ  ψ)
3065      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3066  }
3067  moreover {
3068    AOT_assume ¬φ & ¬ψ
3069    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3070      using θ "Conjunction Simplification"(1) "Conjunction Simplification"(2) "sc-eq-box-box:3" "vdash-properties:10" by metis+
3071    ultimately AOT_have ¬φ & ¬ψ
3072      by (metis "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "≡E"(4) "modus-tollens:1" "raa-cor:3")
3073    AOT_hence (φ  ψ)
3074      using "KBasic:3" "KBasic:9" "≡E"(2) "vdash-properties:10" by blast
3075  }
3076  ultimately AOT_show (φ  ψ)
3077    using "∨E"(2) "reductio-aa:1" by blast
3078qed
3079
3080AOT_theorem "sc-eq-box-box:5": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3081proof (rule "→I")
3082  AOT_assume ((φ  φ) & (ψ  ψ))
3083  AOT_hence ((φ  φ) & (ψ  ψ))
3084    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3085  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3086  proof (rule RM; rule "→I"; rule "→I")
3087    AOT_modally_strict {
3088      AOT_assume A: ((φ  φ) & (ψ  ψ))
3089      AOT_hence φ  φ and ψ  ψ
3090        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3091      moreover AOT_assume φ  ψ
3092      ultimately AOT_have φ  ψ
3093        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3094      moreover AOT_have (φ  ψ)  (φ  ψ)
3095        using A "sc-eq-box-box:4" "→E" by blast
3096      ultimately AOT_show (φ  ψ) using "→E" by blast
3097    }
3098  qed
3099  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3100qed
3101
3102AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3103proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3104  AOT_assume ¬(φ  ψ)
3105  AOT_hence ¬(φ  ψ) by (metis "KBasic:11" "≡E"(1))
3106  AOT_hence (φ & ¬ψ)
3107    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3108       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3109  AOT_hence φ and 2: ¬ψ using "KBasic2:3"[THEN "→E"] "&E" by blast+
3110  moreover AOT_assume (φ  φ)
3111  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3112  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3113  moreover AOT_assume φ  ψ
3114  ultimately AOT_have ψ using "→E" by blast
3115  moreover AOT_have ¬ψ using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3116  ultimately AOT_show ψ & ¬ψ using "&I" by blast
3117qed
3118
3119AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3120proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3121  AOT_assume ¬𝒜(φ  ψ)
3122  AOT_hence 𝒜¬(φ  ψ) by (metis "Act-Basic:1" "∨E"(2))
3123  AOT_hence 𝒜(φ & ¬ψ)
3124    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3125       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3126  AOT_hence 𝒜φ and 2: 𝒜¬ψ using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3127  AOT_hence φ by (metis "Act-Sub:3" "→E")
3128  moreover AOT_assume (φ  φ)
3129  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3130  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3131  moreover AOT_assume φ  𝒜ψ
3132  ultimately AOT_have 𝒜ψ using "→E" by blast
3133  moreover AOT_have ¬𝒜ψ using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3134  ultimately AOT_show 𝒜ψ & ¬𝒜ψ using "&I" by blast
3135qed
3136
3137AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3138  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3139
3140AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3141  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism" "deduction-theorem" "≡I" "nec-imp-act")
3142
3143AOT_theorem "sc-eq-fur:3": x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3144proof (rule "→I"; rule "→I")
3145  AOT_assume x (φ{x}  φ{x})
3146  AOT_hence A: x (φ{x}  φ{x}) using CBF "→E" by blast
3147  AOT_assume ∃!x φ{x}
3148  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3149    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3150  moreover AOT_have φ{a} using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3151  AOT_hence 𝒜φ{a} using "nec-imp-act" "vdash-properties:6" by blast
3152  moreover AOT_have y (𝒜φ{y}  y = a)
3153  proof (rule "∀I"; rule "→I")
3154    fix b
3155    AOT_assume 𝒜φ{b}
3156    AOT_hence φ{b}
3157      using "Act-Sub:3" "vdash-properties:6" by blast
3158    moreover {
3159      AOT_have (φ{b}  φ{b})
3160        using A "∀E"(2) by blast
3161      AOT_hence φ{b}  φ{b}
3162        using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:6" by blast
3163    }
3164    ultimately AOT_have φ{b} using "→E" by blast
3165    AOT_hence φ{b} using "qml:2"[axiom_inst] "→E" by blast
3166    AOT_thus b = a
3167      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3168  qed
3169  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3170    using "&I" by blast
3171  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x)) using "∃I" by fast
3172  AOT_hence ∃!x 𝒜φ{x} using "uniqueness:1"[THEN "≡dfI"] by fast
3173  AOT_thus ιx φ{x}
3174    using "actual-desc:1"[THEN "≡E"(2)] by blast
3175qed
3176
3177AOT_theorem "sc-eq-fur:4": x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3178proof (rule "→I")
3179  AOT_assume x (φ{x}  φ{x})
3180  AOT_hence x (φ{x}  φ{x}) using CBF "→E" by blast
3181  AOT_hence A: 𝒜φ{α}  φ{α} for α using "sc-eq-fur:2" "∀E" "→E" by fast
3182  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3183  proof (rule "≡I"; rule "→I")
3184    AOT_assume x = ιx φ{x}
3185    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3186      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3187    AOT_show φ{x} & z (φ{z}  z = x)
3188    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3189      AOT_show φ{x} using A B[THEN "&E"(1)] "≡E"(1) by blast
3190    next
3191      AOT_show z = x if φ{z} for z
3192        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3193    qed
3194  next
3195    AOT_assume B: φ{x} & z (φ{z}  z = x)
3196    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3197    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3198      AOT_show 𝒜φ{x} using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3199    next
3200      AOT_show b = x if 𝒜φ{b} for b
3201        using that A[THEN "≡E"(1)] B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3202    qed
3203    AOT_thus x = ιx φ{x}
3204      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3205  qed
3206qed
3207
3208AOT_theorem "id-act:1": α = β  𝒜α = β
3209  by (meson "Act-Sub:3" "Hypothetical Syllogism" "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3210
3211AOT_theorem "id-act:2": α  β  𝒜α  β
3212proof (AOT_subst α  β ¬(α = β))
3213  AOT_modally_strict {
3214    AOT_show α  β  ¬(α = β)
3215      by (simp add: "=-infix" "≡Df")
3216  }
3217next
3218  AOT_show ¬(α = β)  𝒜¬(α = β)
3219  proof (safe intro!: "≡I" "→I")
3220    AOT_assume ¬α = β
3221    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3222    AOT_thus 𝒜¬α = β
3223      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3224  next
3225    AOT_assume 𝒜¬α = β
3226    AOT_hence ¬𝒜α = β
3227      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3228    AOT_thus ¬α = β
3229      using "id-act:1" "≡E"(4) by blast
3230  qed
3231qed
3232
3233AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3234proof -
3235  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3236    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3237       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3238  also AOT_have   α 𝒜β (φ{β}  β = α)
3239    by (simp add: "Act-Basic:10")
3240  also AOT_have   αβ 𝒜(φ{β}  β = α)
3241    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3242       (auto simp: "logic-actual-nec:3" "vdash-properties:1[2]" "oth-class-taut:3:a")
3243  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3244    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α  𝒜(φ{β}  β = α) for: α β :: 'a)
3245       (auto simp: "Act-Basic:5" "cqt-further:7")
3246  also AOT_have   αβ (𝒜φ{β}  β = α)
3247    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3248       (auto simp: "id-act:1" "cqt-further:7")
3249  also AOT_have ...  ∃!α 𝒜φ{α}
3250    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3251  finally show ?thesis .
3252qed
3253
3254AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3255  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3256     (auto simp: "actual-desc:1" "A-Exists:1")
3257
3258AOT_theorem "id-act-desc:1": ιx (x = y)
3259proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3260  AOT_show x E!x  E!x]ιx (x = y)
3261  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)]; rule "∃I"; (rule "&I")+)
3262    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3263  next
3264    AOT_show z (𝒜z = y  z = y)
3265      apply (rule "∀I")
3266      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3267  next
3268    AOT_show x E!x  E!x]y
3269    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3270      AOT_show x E!x  E!x]
3271        by "cqt:2[lambda]"
3272    next
3273      AOT_show E!y  E!y 
3274        by (simp add: "if-p-then-p")
3275    qed
3276  qed
3277next
3278  AOT_show x E!x  E!x]
3279    by "cqt:2[lambda]"
3280qed
3281
3282AOT_theorem "id-act-desc:2": y = ιx (x = y)
3283  by (rule descriptions[axiom_inst, THEN "≡E"(2)]; rule "∀I"; rule "id-act:1"[symmetric])
3284
3285AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3286  by (simp add: encoding "vdash-properties:1[2]")
3287
3288AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3289proof (rule "→I")
3290  AOT_assume x1x2[F]
3291  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3292    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3293  moreover AOT_have y [F]yx2] by "cqt:2[lambda]"
3294  moreover AOT_have y [F]x1y] by "cqt:2[lambda]"
3295  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3296    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3297  note A = this
3298  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3299    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3300  AOT_thus x1x2[F]
3301    by (rule "nary-encoding[2]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3302qed
3303
3304AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3305proof (rule "→I")
3306  AOT_assume x1x2x3[F]
3307  AOT_hence x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3308    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3309  moreover AOT_have y [F]yx2x3] by "cqt:2[lambda]"
3310  moreover AOT_have y [F]x1yx3] by "cqt:2[lambda]"
3311  moreover AOT_have y [F]x1x2y] by "cqt:2[lambda]"
3312  ultimately AOT_have x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3313    using encoding[axiom_inst, unvarify F] "→E" by blast+
3314  note A = this
3315  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3316    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3317  AOT_thus x1x2x3[F]
3318    by (rule "nary-encoding[3]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3319qed
3320
3321AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3322proof (rule "→I")
3323  AOT_assume x1x2x3x4[F]
3324  AOT_hence x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and  x4y [F]x1x2x3y]
3325    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3326  moreover AOT_have y [F]yx2x3x4] by "cqt:2[lambda]"
3327  moreover AOT_have y [F]x1yx3x4] by "cqt:2[lambda]"
3328  moreover AOT_have y [F]x1x2yx4] by "cqt:2[lambda]"
3329  moreover AOT_have y [F]x1x2x3y] by "cqt:2[lambda]"
3330  ultimately AOT_have x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and x4y [F]x1x2x3y]
3331    using "→E" encoding[axiom_inst, unvarify F] by blast+
3332  note A = this
3333  AOT_have B: (x1y [F]yx2x3x4] & x2y [F]x1yx3x4] & x3y [F]x1x2yx4] & x4y [F]x1x2x3y])
3334    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3335  AOT_thus x1x2x3x4[F]
3336    by (rule "nary-encoding[4]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3337qed
3338
3339AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3340proof (rule "→I"; rule "raa-cor:1")
3341  AOT_assume ¬¬x1[F]
3342  AOT_hence x1[F]
3343    by (rule "conventions:5"[THEN "≡dfI"])
3344  AOT_hence x1[F]
3345    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3346  moreover AOT_assume ¬x1[F]
3347  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3348qed
3349AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
3350proof (rule "→I"; rule "raa-cor:1")
3351  AOT_assume ¬¬x1x2[F]
3352  AOT_hence x1x2[F]
3353    by (rule "conventions:5"[THEN "≡dfI"])
3354  AOT_hence x1x2[F]
3355    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3356  moreover AOT_assume ¬x1x2[F]
3357  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
3358qed
3359
3360AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3361proof (rule "→I"; rule "raa-cor:1")
3362  AOT_assume ¬¬x1x2x3[F]
3363  AOT_hence x1x2x3[F]
3364    by (rule "conventions:5"[THEN "≡dfI"])
3365  AOT_hence x1x2x3[F]
3366    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3367  moreover AOT_assume ¬x1x2x3[F]
3368  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
3369qed
3370
3371AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3372proof (rule "→I"; rule "raa-cor:1")
3373  AOT_assume ¬¬x1x2x3x4[F]
3374  AOT_hence x1x2x3x4[F]
3375    by (rule "conventions:5"[THEN "≡dfI"])
3376  AOT_hence x1x2x3x4[F]
3377    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3378  moreover AOT_assume ¬x1x2x3x4[F]
3379  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
3380qed
3381
3382AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
3383  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3384AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
3385  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3386AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3387  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3388AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3389  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3390
3391AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
3392  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
3393AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
3394  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
3395AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
3396  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
3397AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
3398  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
3399
3400AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
3401  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[1]"] "≡I" by blast
3402AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
3403  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[2]"] "≡I" by blast
3404AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
3405  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[3]"] "≡I" by blast
3406AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
3407  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[4]"] "≡I" by blast
3408
3409AOT_theorem "en-eq:4[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3410  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3411  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
3412AOT_theorem "en-eq:4[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3413  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3414  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
3415AOT_theorem "en-eq:4[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3416  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3417  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
3418AOT_theorem "en-eq:4[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3419  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3420  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
3421
3422AOT_theorem "en-eq:5[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3423  apply (rule "≡I"; rule "→I")
3424  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3425  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3426        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]] by blast
3427AOT_theorem "en-eq:5[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3428  apply (rule "≡I"; rule "→I")
3429  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3430  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3431        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]] by blast
3432AOT_theorem "en-eq:5[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3433  apply (rule "≡I"; rule "→I")
3434  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3435  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3436        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]] by blast
3437AOT_theorem "en-eq:5[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3438  apply (rule "≡I"; rule "→I")
3439  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3440  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3441        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]] by blast
3442
3443AOT_theorem "en-eq:6[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3444  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
3445AOT_theorem "en-eq:6[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3446  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
3447AOT_theorem "en-eq:6[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3448  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
3449AOT_theorem "en-eq:6[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3450  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
3451
3452AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
3453  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
3454AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
3455  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
3456AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3457  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
3458AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3459  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
3460
3461AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
3462  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3463AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
3464  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3465AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3466  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3467AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3468  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3469
3470AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
3471  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
3472AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
3473  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
3474AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3475  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
3476AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3477  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
3478
3479AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
3480  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
3481AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
3482  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
3483AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
3484  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
3485AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
3486  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
3487
3488AOT_theorem "oa-facts:1": O!x  O!x
3489proof(rule "→I")
3490  AOT_modally_strict {
3491    AOT_have x E!x]x  E!x
3492      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3493  } note θ = this
3494  AOT_assume O!x
3495  AOT_hence x E!x]x
3496    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3497  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
3498  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
3499  AOT_hence x E!x]x
3500    by (AOT_subst x E!x]x E!x)
3501       (auto simp: θ)
3502  AOT_thus O!x
3503    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3504qed
3505
3506AOT_theorem "oa-facts:2": A!x  A!x
3507proof(rule "→I")
3508  AOT_modally_strict {
3509    AOT_have x ¬E!x]x  ¬E!x
3510      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3511  } note θ = this
3512  AOT_assume A!x
3513  AOT_hence x ¬E!x]x
3514    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3515  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
3516  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
3517  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
3518  AOT_hence ¬E!x
3519    using "KBasic2:1"
3520    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
3521  AOT_hence x ¬E!x]x
3522    by (AOT_subst x ¬E!x]x ¬E!x)
3523       (auto simp: θ)
3524  AOT_thus A!x
3525    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3526qed
3527
3528AOT_theorem "oa-facts:3": O!x  O!x
3529  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3530AOT_theorem "oa-facts:4": A!x  A!x
3531  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3532
3533AOT_theorem "oa-facts:5": O!x  O!x
3534  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3535
3536AOT_theorem "oa-facts:6": A!x  A!x
3537  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3538
3539AOT_theorem "oa-facts:7": O!x  𝒜O!x
3540  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3541
3542AOT_theorem "oa-facts:8": A!x  𝒜A!x
3543  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3544
3545AOT_theorem "beta-C-meta": μ1...μn φ{μ1...μn, ν1...νn}]  (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3546  using "lambda-predicates:2"[axiom_inst] by blast
3547
3548AOT_theorem "beta-C-cor:1": (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}]))  ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3549  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
3550  using "beta-C-meta" "∀I" by fast
3551
3552AOT_theorem "beta-C-cor:2": μ1...μn φ{μ1...μn}]  ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
3553  apply (rule "→I"; rule "∀I")
3554  using "beta-C-meta"[THEN "→E"] by fast
3555
3556(* TODO: syntax + double-check if this is really a faithful representation *)
3557theorem "beta-C-cor:3": assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
3558  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn,μ1...μn}]ν1...νn  φ{ν1...νn,ν1...νn})]
3559  using "cqt:2[lambda]"[axiom_inst, OF assms] "beta-C-cor:1"[THEN "→E"] "∀I" by fast
3560
3561AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
3562proof -
3563  AOT_modally_strict {
3564    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
3565    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
3566      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
3567    ultimately AOT_show φ{κ1...κn}
3568      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
3569  }
3570qed
3571
3572AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
3573  using "betaC:1:a" "raa-cor:3" by blast
3574
3575lemmas "β→C" = "betaC:1:a" "betaC:1:b"
3576
3577AOT_theorem "betaC:2:a": μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3578proof -
3579  AOT_modally_strict {
3580    AOT_assume 1: μ1...μn φ{μ1...μn}] and 2: κ1...κn and 3: φ{κ1...κn}
3581    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
3582      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)] by blast
3583  }
3584  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3585    by blast
3586qed
3587
3588AOT_theorem "betaC:2:b": μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn  ¬φ{κ1...κn}
3589  using "betaC:2:a" "raa-cor:3" by blast
3590
3591lemmas "β←C" = "betaC:2:a" "betaC:2:b"
3592
3593AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
3594  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
3595
3596AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
3597  using "eta-conversion-lemma1:1". (* TODO: spurious in the embedding *)
3598
3599(* match (τ) in "λa . ?b" ⇒ ‹match (τ') in "λa . ?b" ⇒ ‹fail›› ¦ _ ⇒ ‹ *)
3600
3601text‹Note: not explicitly part of PLM.›
3602AOT_theorem id_sym: assumes τ = τ' shows τ' = τ
3603  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
3604        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
3605declare id_sym[sym]
3606
3607text‹Note: not explicitly part of PLM.›
3608AOT_theorem id_trans: assumes τ = τ' and τ' = τ'' shows τ = τ''
3609  using "rule=E" assms by blast
3610declare id_trans[trans]
3611
3612method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> = (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  3613rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"[THEN "→E", of v "«[Π]»", symmetric]]
3614)
3615(*
3616AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
3617  apply ("ηC" "«[P]»") defer
3618   apply ("ηC" "«[S]»") defer
3619  oops
3620*)
3621(* TODO: proper representation of eta_conversion_lemma2 *)
3622
3623AOT_theorem "sub-des-lam:1": z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}  z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3624proof(rule "→I")
3625  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
3626  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3627    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, τ}]»",
3628               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
3629    by blast
3630qed
3631
3632AOT_theorem "sub-des-lam:2": ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
3633  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»", OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
3634
3635AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
3636proof(rule "≡I"; rule "→I")
3637  AOT_assume F = G
3638  AOT_thus x (x[F]  x[G])
3639    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
3640next
3641  AOT_assume x (x[F]  x[G])
3642  AOT_hence x[F]  x[G] for x using "∀E" by blast
3643  AOT_hence (x[F]  x[G]) for x using "en-eq:6[1]"[THEN "≡E"(1)] by blast
3644  AOT_hence x (x[F]  x[G]) by (rule GEN)
3645  AOT_hence x (x[F]  x[G]) using BF[THEN "→E"] by fast
3646  AOT_thus "F = G" using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
3647qed
3648
3649AOT_theorem "relations:1":
3650  assumes INSTANCE_OF_CQT_2(φ)
3651  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
3652  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
3653  using "cqt:2[lambda]"[OF assms, axiom_inst] "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
3654
3655AOT_theorem "relations:2":
3656  assumes INSTANCE_OF_CQT_2(φ)
3657  shows F x ([F]x  φ{x})
3658  using "relations:1" assms by blast
3659
3660AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
3661proof(rule RAA(2))
3662  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
3663  AOT_assume A: x « x»]
3664  AOT_have x (A!x & F (x[F]  F = x « x»]))
3665    using "A-objects"[axiom_inst] by fast
3666  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
3667    using "∃E"[rotated] by blast
3668  AOT_show ¬x G (x[G] & ¬[G]x)]
3669  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3670    AOT_assume B: x « x»]a
3671    AOT_hence G (a[G] & ¬[G]a) using "β→C" A by blast
3672    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3673    moreover AOT_have P = x « x»]
3674      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3675    ultimately AOT_have ¬x « x»]a
3676      using "rule=E" "&E"(2) by fast
3677    AOT_thus ¬x G (x[G] & ¬[G]x)] using B RAA by blast
3678  next
3679    AOT_assume B: ¬x « x»]a
3680    AOT_hence ¬G (a[G] & ¬[G]a) using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
3681    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3682    AOT_have G (a[G]  [G]a)
3683      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
3684         (auto simp: "oth-class-taut:1:a" C)
3685    AOT_hence ax « x»]  x « x»]a using "∀E" A by blast
3686    moreover AOT_have ax « x»] using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
3687      using "=I"(1)[OF A] by blast
3688    ultimately AOT_show ¬x G (x[G] & ¬[G]x)] using B "→E" RAA by blast
3689  qed
3690qed(simp)
3691
3692AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
3693proof(rule RAA(2))
3694  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
3695  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x)) using "∃E"[rotated] by blast
3696  AOT_have x (A!x & G (x[G]  G = F))
3697    using "A-objects"[axiom_inst] by fast
3698  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
3699    using "∃E"[rotated] by blast
3700  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
3701  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3702    AOT_assume B: [F]a
3703    AOT_hence G (a[G] & ¬[G]a) using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
3704    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3705    moreover AOT_have P = F
3706      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3707    ultimately AOT_have ¬[F]a
3708      using "rule=E" "&E"(2) by fast
3709    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x)) using B RAA by blast
3710  next
3711    AOT_assume B: ¬[F]a
3712    AOT_hence ¬G (a[G] & ¬[G]a)
3713      using "oth-class-taut:4:b"[THEN "≡E"(1), OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)] by simp
3714    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3715    AOT_have G (a[G]  [G]a)
3716      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
3717         (auto simp: "oth-class-taut:1:a" C)
3718    AOT_hence a[F]  [F]a using "∀E" by blast
3719    moreover AOT_have a[F] using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
3720      using "=I"(2) by blast
3721    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x)) using B "→E" RAA by blast
3722  qed
3723qed(simp)
3724
3725AOT_theorem "block-paradox:3": ¬y z z = y]
3726proof(rule RAA(2))
3727  AOT_assume θ: y z z = y]
3728  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
3729    using "A-objects"[axiom_inst] by force
3730  then AOT_obtain a where a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
3731    using "∃E"[rotated] by blast
3732  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
3733    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
3734  AOT_show ¬y z z = y]
3735  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3736    AOT_assume A: az z = a]
3737    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
3738      using ζ[THEN "≡E"(1)] by blast
3739    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
3740      using "∃E"[rotated] by blast
3741    moreover AOT_have a = a by (rule "=I")
3742    moreover AOT_have z z = a] using θ "∀E" by blast
3743    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
3744    ultimately AOT_have z z = a]a using "β←C" by blast
3745    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
3746    AOT_hence a = b using "β→C" by blast
3747    AOT_hence bz z = a] using A "rule=E" by fast
3748    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
3749  next
3750    AOT_assume A: ¬az z = a]
3751    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
3752      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3753    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
3754      using "cqt-further:4"[THEN "→E"] by blast
3755    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
3756      using "∀E" by blast
3757    AOT_hence z z = a] = z z = a]  az z = a]
3758      by (metis "&I" "deduction-theorem" "raa-cor:4")
3759    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
3760    AOT_thus ¬y z z = y] using A RAA by blast
3761  qed
3762qed(simp)
3763
3764AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
3765proof(rule RAA(2))
3766  AOT_assume θ: y F x([F]x  x = y)
3767  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
3768    using "A-objects"[axiom_inst] by force
3769  then AOT_obtain a where a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
3770    using "∃E"[rotated] by blast
3771  AOT_obtain F where F_prop: x ([F]x  x = a) using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
3772  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
3773    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
3774  AOT_show ¬y F x([F]x  x = y)
3775  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3776    AOT_assume A: a[F]
3777    AOT_hence z (y ([F]y  y = z) & ¬z[F])
3778      using ζ[THEN "≡E"(1)] by blast
3779    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
3780      using "∃E"[rotated] by blast
3781    moreover AOT_have [F]a using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
3782    ultimately AOT_have a = b using "∀E"(2) "≡E"(1) "&E" by fast
3783    AOT_hence a = b using "β→C" by blast
3784    AOT_hence b[F] using A "rule=E" by fast
3785    AOT_thus ¬y F x([F]x  x = y) using b_prop[THEN "&E"(2)] RAA by blast
3786  next
3787    AOT_assume A: ¬a[F]
3788    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
3789      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3790    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
3791      using "cqt-further:4"[THEN "→E"] by blast
3792    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
3793      using "∀E" by blast
3794    AOT_hence y ([F]y  y = a)  a[F]
3795      by (metis "&I" "deduction-theorem" "raa-cor:4")
3796    AOT_hence a[F] using F_prop "→E" by blast
3797    AOT_thus ¬y F x([F]x  x = y) using A RAA by blast
3798  qed
3799qed(simp)
3800
3801AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
3802proof(rule "raa-cor:2")
3803  AOT_assume Fxy([F]xy  y = x)
3804  then AOT_obtain F where F_prop: xy([F]xy  y = x) using "∃E"[rotated] by blast
3805  {
3806    fix x
3807    AOT_have 1: y([F]xy  y = x) using F_prop "∀E" by blast
3808    AOT_have 2: z [F]xz] by "cqt:2[lambda]"
3809    moreover AOT_have y(z [F]xz]y  y = x)
3810    proof(rule "∀I")
3811      fix y
3812      AOT_have z [F]xz]y  [F]xy
3813        using "beta-C-meta"[THEN "→E"] 2 by fast
3814      also AOT_have ...  y = x using 1 "∀E"
3815        by fast
3816      finally AOT_show z [F]xz]y  y = x.
3817    qed
3818    ultimately AOT_have Fy([F]y  y = x)
3819      using "∃I" by fast
3820  }
3821  AOT_hence xFy([F]y  y = x)
3822    by (rule GEN)
3823  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
3824    using "&I" "block-paradox:4" by blast
3825qed
3826
3827AOT_act_theorem "block-paradox2:1": x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3828proof(rule "→I"; rule "raa-cor:2")
3829  AOT_assume antecedant: x [G]x
3830  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
3831  proof(rule GEN)
3832    fix x
3833    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x))  ∃!y (y = x & H (x[H] & ¬[H]x))
3834    proof(rule "≡I"; rule "→I")
3835      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
3836      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
3837        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
3838      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
3839        using "1-exists:1"[THEN "≡E"(1)] by blast
3840    next
3841      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3842      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x) and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
3843        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3844      AOT_have a_3: [G]a
3845        using antecedant "∀E" by blast
3846      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
3847        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
3848        apply (rule "∃I"(2))
3849        using a_1 a_2 a_3 "&I" by blast
3850    qed
3851    also AOT_have B: ...  H (x[H] & ¬[H]x)
3852    proof (rule "≡I"; rule "→I")
3853      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3854      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
3855        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3856      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
3857    next
3858      AOT_assume H (x[H] & ¬[H]x)
3859      AOT_hence x = x & H (x[H] & ¬[H]x)
3860        using "id-eq:1" "&I" by blast
3861      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
3862        by (simp add: "Conjunction Simplification"(1) "universal-cor")
3863      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
3864        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
3865    qed
3866    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
3867  qed
3868
3869  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3870  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  [G]ιy(y = x & H (x[H] & ¬[H]x)))
3871    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
3872  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
3873    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
3874  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
3875    using "∃I"(1) A by fast
3876  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) & (¬F x ([F]x  H (x[H] & ¬[H]x)))
3877    using "block-paradox:2" "&I" by blast
3878qed
3879
3880AOT_act_theorem "block-paradox2:2": G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3881proof(rule "∃I"(1))
3882  AOT_have 0: x p (p p)]
3883    by "cqt:2[lambda]"
3884  moreover AOT_have x x p (p p)]x
3885    apply (rule GEN)
3886    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
3887    using "if-p-then-p" GEN by fast
3888  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
3889      using "block-paradox2:1" "∀I" by fast
3890  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
3891    using "∀E"(1) "→E" by blast
3892qed("cqt:2[lambda]")
3893
3894AOT_theorem propositions: p (p  φ)
3895proof(rule "∃I"(1))
3896  AOT_show (φ  φ)
3897    by (simp add: RN "oth-class-taut:3:a")
3898next
3899  AOT_show φ
3900    by (simp add: "log-prop-prop:2")
3901qed
3902
3903AOT_theorem "pos-not-equiv-ne:1": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3904proof (rule "→I")
3905  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3906  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3907    using "KBasic:11"[THEN "≡E"(2)] by blast
3908  AOT_hence ¬(F = G)
3909    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
3910  AOT_thus F  G
3911    using "=-infix"[THEN "≡dfI"] by blast
3912qed
3913
3914AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
3915proof (rule "→I")
3916  AOT_modally_strict {
3917    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
3918    proof (rule "→I"; rule "raa-cor:2")
3919      AOT_assume 1: F = G
3920      AOT_hence φ{F}  φ{G} using "l-identity"[axiom_inst, THEN "→E"] by blast
3921      moreover {
3922        AOT_have G = F using 1 id_sym by blast
3923        AOT_hence φ{G}  φ{F} using "l-identity"[axiom_inst, THEN "→E"] by blast
3924      }
3925      ultimately AOT_have φ{F}  φ{G} using "≡I" by blast
3926      moreover AOT_assume ¬(φ{F}  φ{G})
3927      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
3928        using "&I" by blast
3929    qed
3930  }
3931  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
3932    using "RM:2[prem]" by blast
3933  moreover AOT_assume ¬(φ{F}  φ{G})
3934  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
3935  AOT_have (F  G)
3936    by (AOT_subst F  G ¬(F = G))
3937       (auto simp: "=-infix" "≡Df" 0)
3938  AOT_thus F  G
3939    using "id-nec2:3"[THEN "→E"] by blast
3940qed
3941
3942AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
3943proof (rule "→I")
3944  AOT_modally_strict {
3945    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
3946    proof (rule "→I"; rule "raa-cor:2")
3947      AOT_assume 1: p = q
3948      AOT_hence φ{p}  φ{q} using "l-identity"[axiom_inst, THEN "→E"] by blast
3949      moreover {
3950        AOT_have q = p using 1 id_sym by blast
3951        AOT_hence φ{q}  φ{p} using "l-identity"[axiom_inst, THEN "→E"] by blast
3952      }
3953      ultimately AOT_have φ{p}  φ{q} using "≡I" by blast
3954      moreover AOT_assume ¬(φ{p}  φ{q})
3955      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
3956        using "&I" by blast
3957    qed
3958  }
3959  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
3960    using "RM:2[prem]" by blast
3961  moreover AOT_assume ¬(φ{p}  φ{q})
3962  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
3963  AOT_have (p  q)
3964    by (AOT_subst p  q ¬(p = q))
3965       (auto simp: 0 "=-infix" "≡Df")
3966  AOT_thus p  q
3967    using "id-nec2:3"[THEN "→E"] by blast
3968qed
3969
3970AOT_theorem "pos-not-equiv-ne:3": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3971  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
3972
3973AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
3974  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
3975
3976AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
3977  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"] "T◇"[THEN "→E"] by blast
3978
3979AOT_define relation_negation ::  Π" ("_-")
3980  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
3981
3982nonterminal φneg
3983syntax "" :: "φneg  τ" ("_")
3984syntax "" :: "φneg  φ" ("'(_')")
3985
3986AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
3987  "df-relation-negation[zero]": "(p)- =df  ¬p]"
3988
3989AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
3990  by "cqt:2[lambda]"
3991
3992AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
3993  using "cqt:2[lambda0]"[axiom_inst] by blast
3994
3995AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
3996  using "=I"(1)[OF "rel-neg-T:1"]
3997  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
3998
3999AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4000  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4001  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4002
4003AOT_theorem "rel-neg-T:3": [Π]-
4004  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"] "rel-neg-T:1" by blast
4005
4006AOT_theorem "rel-neg-T:3[zero]": (φ)-
4007  using "log-prop-prop:2" by blast
4008(*  using "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"] "rel-neg-T:1[zero]" by blast *)
4009
4010(* Note: PLM states the zero place case twice *)
4011AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4012proof -
4013  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4014    using "rule=E"[rotated, OF "rel-neg-T:2"] "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4015    "→I" "≡I" by fast
4016  also AOT_have ...  ¬[F]x1...xn
4017    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4018  finally show ?thesis.
4019qed
4020
4021AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4022  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4023   apply (simp add: "oth-class-taut:3:b")
4024  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4025  using "thm-relation-negation:1".
4026
4027AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4028proof -
4029  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4030  AOT_hence ((p)-)   ¬p]
4031    using "df-relation-negation[zero]" "log-prop-prop:2" "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4032  also AOT_have  ¬p]  ¬p
4033    by (simp add: "propositions-lemma:2")
4034  finally show ?thesis.
4035qed
4036
4037AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4038  using "thm-relation-negation:3"[THEN "≡E"(1)]
4039        "thm-relation-negation:3"[THEN "≡E"(2)]
4040        "≡I" "→I" RAA by metis
4041
4042AOT_theorem "thm-relation-negation:5": [F]  [F]-
4043proof -
4044  AOT_have ¬([F] = [F]-)
4045  proof (rule RAA(2))
4046    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4047      using "if-p-then-p".
4048  next
4049    AOT_assume [F] = [F]-
4050    AOT_hence [F]- = [F] using id_sym by blast
4051    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4052      using "rule=E" "thm-relation-negation:1" by fast
4053    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4054      using "≡E" RAA by metis
4055  qed
4056  thus ?thesis
4057    using "≡dfI" "=-infix" by blast
4058qed
4059
4060AOT_theorem "thm-relation-negation:6": p  (p)-
4061proof -
4062  AOT_have ¬(p = (p)-)
4063  proof (rule RAA(2))
4064    AOT_show p  p
4065      using "if-p-then-p".
4066  next
4067    AOT_assume p = (p)-
4068    AOT_hence (p)- = p using id_sym by blast
4069    AOT_hence p  ¬p
4070      using "rule=E" "thm-relation-negation:3" by fast
4071    AOT_thus ¬(p  p)
4072      using "≡E" RAA by metis
4073  qed
4074  thus ?thesis
4075    using "≡dfI" "=-infix" by blast
4076qed
4077
4078AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4079  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4080  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]" "propositions-lemma:1" id_trans by blast+
4081
4082AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4083proof(rule "→I")
4084  AOT_assume p = q
4085  moreover AOT_have (¬p) using "log-prop-prop:2".
4086  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4087  ultimately AOT_show (¬p) = (¬q)
4088    using "rule=E" by fast
4089qed
4090
4091AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4092proof(rule "→I")
4093  AOT_assume p = q
4094  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4095  AOT_thus (p)- = (q)-
4096    using "thm-relation-negation:7" id_sym id_trans by metis
4097qed
4098
4099AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4100  "contingent-properties:1": Necessary([F]) df x1...∀xn [F]x1...xn
4101
4102AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4103  "contingent-properties:1[zero]": Necessary0(p) df p
4104
4105AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4106  "contingent-properties:2": Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4107
4108AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4109  "contingent-properties:2[zero]": Impossible0(p) df ¬p
4110
4111AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4112  "contingent-properties:3": NonContingent([F]) df Necessary([F])  Impossible([F])
4113
4114AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4115  "contingent-properties:3[zero]": NonContingent0(p) df Necessary0(p)  Impossible0(p)
4116
4117AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4118  "contingent-properties:4": Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4119
4120AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4121  "contingent-properties:4[zero]": Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4122
4123
4124AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4125proof (rule "≡I"; rule "→I")
4126  AOT_assume NonContingent([F])
4127  AOT_hence Necessary([F])  Impossible([F])
4128    using "≡dfE"[OF "contingent-properties:3"] by blast
4129  moreover {
4130    AOT_assume Necessary([F])
4131    AOT_hence (x1...∀xn [F]x1...xn)
4132      using "≡dfE"[OF "contingent-properties:1"] by blast
4133    moreover AOT_modally_strict {
4134      AOT_assume x1...∀xn [F]x1...xn
4135      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4136      AOT_hence ¬[F]-x1...xn for x1xn
4137        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:2" "≡E"(1))
4138      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4139    }
4140    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4141      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4142    AOT_hence Impossible([F]-)
4143      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(2)]
4144      by blast
4145  }
4146  moreover {
4147    AOT_assume Impossible([F])
4148    AOT_hence (x1...∀xn ¬[F]x1...xn)
4149      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4150      by blast
4151    moreover AOT_modally_strict {
4152      AOT_assume x1...∀xn ¬[F]x1...xn
4153      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4154      AOT_hence [F]-x1...xn for x1xn
4155        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(1))
4156      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4157    }
4158    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4159      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4160    AOT_hence Necessary([F]-)
4161      using "≡dfI"[OF "contingent-properties:1"] by blast
4162  }
4163  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4164    using "∨E"(1) "∨I" "→I" by metis
4165  AOT_thus NonContingent([F]-)
4166    using "≡dfI"[OF "contingent-properties:3"] by blast
4167next
4168  AOT_assume NonContingent([F]-)
4169  AOT_hence Necessary([F]-)  Impossible([F]-)
4170    using "≡dfE"[OF "contingent-properties:3"] by blast
4171  moreover {
4172    AOT_assume Necessary([F]-)
4173    AOT_hence (x1...∀xn [F]-x1...xn)
4174      using "≡dfE"[OF "contingent-properties:1"] by blast
4175    moreover AOT_modally_strict {
4176      AOT_assume x1...∀xn [F]-x1...xn
4177      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4178      AOT_hence ¬[F]x1...xn for x1xn
4179        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(2))
4180      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4181    }
4182    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4183      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4184    AOT_hence Impossible([F])
4185      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4186      by blast
4187  }
4188  moreover {
4189    AOT_assume Impossible([F]-)
4190    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4191      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(1)]
4192      by blast
4193    moreover AOT_modally_strict {
4194      AOT_assume x1...∀xn ¬[F]-x1...xn
4195      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4196      AOT_hence [F]x1...xn for x1xn 
4197        using "thm-relation-negation:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4198              "useful-tautologies:1"[THEN "→E"] by blast
4199      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4200    }
4201    ultimately AOT_have (x1...∀xn [F]x1...xn)
4202      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4203    AOT_hence Necessary([F])
4204      using "≡dfI"[OF "contingent-properties:1"] by blast
4205  }
4206  ultimately AOT_have Necessary([F])  Impossible([F])
4207    using "∨E"(1) "∨I" "→I" by metis
4208  AOT_thus NonContingent([F])
4209    using "≡dfI"[OF "contingent-properties:3"] by blast
4210qed
4211
4212AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
4213proof -
4214  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
4215    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]]
4216    by blast
4217  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
4218    using "oth-class-taut:5:d" by fastforce
4219  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
4220    by (simp add: "Commutativity of &")
4221  also AOT_have ...  x [F]x & ¬Necessary([F])
4222  proof (rule "oth-class-taut:4:e"[THEN "→E"])
4223    AOT_have ¬Impossible([F])  ¬¬ x [F]x
4224      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4225      apply (AOT_subst x [F]x ¬ x ¬[F]x)
4226       apply (simp add: "conventions:4" "≡Df")
4227      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
4228       apply (simp add: "oth-class-taut:3:b")
4229      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]] by blast
4230    also AOT_have ...  x [F]x
4231      using "conventions:5"[THEN "≡Df", symmetric] by blast
4232    finally AOT_show ¬Impossible([F])  x [F]x .
4233  qed
4234  also AOT_have ...  x [F]x & x ¬[F]x
4235  proof (rule "oth-class-taut:4:f"[THEN "→E"])
4236    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
4237      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4238      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
4239       apply (simp add: "conventions:4" "≡Df")
4240      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
4241       apply (simp add: "oth-class-taut:3:b")
4242      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
4243      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
4244    also AOT_have ...  x ¬[F]x
4245      using "conventions:5"[THEN "≡Df", symmetric] by blast
4246    finally AOT_show ¬Necessary([F])  x ¬[F]x.
4247  qed
4248  finally show ?thesis.
4249qed
4250
4251AOT_theorem "thm-cont-prop:3": Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
4252proof -
4253  {
4254    fix Π :: <κ>
4255    AOT_assume Π
4256    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4257      using "thm-cont-prop:2" GEN by fast
4258    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
4259      using "thm-cont-prop:2" "∀E" by fast
4260  } note 1 = this
4261  AOT_have Contingent([F])  x [F]x & x ¬[F]x
4262    using "thm-cont-prop:2" by blast
4263  also AOT_have ...  x ¬[F]x & x [F]x
4264    by (simp add: "Commutativity of &")
4265  also AOT_have ...  x [F]-x & x [F]x
4266    by (AOT_subst [F]-x ¬[F]x for: x)
4267       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
4268  also AOT_have ...  x [F]-x & x ¬[F]-x
4269    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
4270       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
4271  also AOT_have ...  Contingent([F]-)
4272    using 1[OF "rel-neg-T:3", symmetric] by blast
4273  finally show ?thesis.
4274qed
4275
4276AOT_define concrete_if_concrete :: ‹Π› ("L")  L_def: L =df x E!x  E!x]
4277
4278AOT_theorem "thm-noncont-e-e:1": Necessary(L)
4279proof -
4280  AOT_modally_strict {
4281    fix x
4282    AOT_have x E!x  E!x] by "cqt:2[lambda]"
4283    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4284    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4285    ultimately AOT_have x E!x  E!x]x
4286      using "β←C" by blast
4287  }
4288  AOT_hence 0: x x E!x  E!x]x
4289    using RN GEN by blast
4290  show ?thesis
4291    apply (rule "=dfI"(2)[OF L_def])
4292     apply "cqt:2[lambda]"
4293    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
4294qed
4295
4296AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
4297proof -
4298  AOT_modally_strict {
4299    fix x
4300
4301    AOT_have 0: F (¬[F]-x  [F]x)
4302      using "thm-relation-negation:2" GEN by fast
4303    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
4304      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
4305    moreover {
4306      AOT_have x E!x  E!x] by "cqt:2[lambda]"
4307      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4308      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4309      ultimately AOT_have x E!x  E!x]x
4310        using "β←C" by blast
4311    }
4312    ultimately AOT_have ¬x E!x  E!x]-x
4313      using "≡E" by blast
4314  }
4315  AOT_hence 0: x ¬x E!x  E!x]-x
4316    using RN GEN by fast
4317  show ?thesis
4318    apply (rule "=dfI"(2)[OF L_def])
4319     apply "cqt:2[lambda]"
4320    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
4321     using "rel-neg-T:3"
4322     apply blast
4323    using 0
4324    by blast
4325qed
4326
4327AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
4328  using "thm-noncont-e-e:1"
4329  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
4330
4331AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
4332proof -
4333  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
4334    using "thm-cont-prop:1" "∀I" by fast
4335  moreover AOT_have 1: L
4336    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4337  AOT_show NonContingent([L]-)
4338    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
4339qed
4340
4341AOT_theorem "thm-noncont-e-e:5": F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
4342proof (rule "∃I")+
4343  {
4344    AOT_have F [F]  [F]- using "thm-relation-negation:5" GEN by fast
4345    moreover AOT_have L
4346      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4347    ultimately AOT_have L  [L]- using "∀E" by blast
4348  }
4349  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
4350    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
4351next
4352  AOT_show [L]-
4353    using "rel-neg-T:3" by blast
4354next
4355  AOT_show L
4356      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4357qed
4358
4359AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4360proof -
4361  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
4362    using "BF◇" "CBF◇" "≡I" by blast
4363  also AOT_have   x ([F]x &  ¬[F]x)
4364    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
4365       (auto simp: "S5Basic:11" "cqt-further:7")
4366  also AOT_have   x (¬[F]x & [F]x)
4367    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
4368       (auto simp: "Commutativity of &" "cqt-further:7")
4369  also AOT_have   x (¬[F]x & [F]x)
4370    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
4371       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
4372  also AOT_have   x (¬[F]x & [F]x)
4373    using "BF◇" "CBF◇" "≡I" by fast
4374  finally show ?thesis.
4375qed
4376
4377AOT_theorem "lem-cont-e:2": x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
4378proof -
4379  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4380    using "lem-cont-e:1".
4381  also AOT_have   x ([F]-x & ¬[F]-x)
4382    apply (AOT_subst ¬[F]-x [F]x for: x)
4383     apply (simp add: "thm-relation-negation:2")
4384    apply (AOT_subst [F]-x ¬[F]x for: x)
4385     apply (simp add: "thm-relation-negation:1")
4386    by (simp add: "oth-class-taut:3:a")
4387  finally show ?thesis.
4388qed
4389
4390AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
4391proof (rule "CBF◇"[THEN "→E"])
4392  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
4393  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4394  AOT_hence θ: E!a & ¬𝒜E!a
4395    using "KBasic2:3"[THEN "→E"] by blast
4396  AOT_have ξ: E!a & 𝒜¬E!a
4397    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
4398       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
4399  AOT_have ζ: E!a & 𝒜¬E!a
4400    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
4401       (auto simp add: "Act-Sub:4" ξ)
4402  AOT_hence E!a & ¬E!a
4403    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
4404  AOT_hence (E!a & ¬E!a) using "S5Basic:11"[THEN "≡E"(2)] by simp
4405  AOT_thus x (E!x & ¬E!x) using "∃I"(2) by fast
4406qed
4407
4408AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
4409proof -
4410  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
4411    using "lem-cont-e:1" GEN by fast
4412  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
4413    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4414  thus ?thesis using "thm-cont-e:1" "≡E" by blast
4415qed
4416
4417AOT_theorem "thm-cont-e:3": x E!x
4418proof (rule "CBF◇"[THEN "→E"])
4419  AOT_obtain a where (E!a & ¬E!a)
4420    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4421  AOT_hence E!a
4422    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
4423  AOT_thus x E!x using "∃I" by fast
4424qed
4425
4426AOT_theorem "thm-cont-e:4": x ¬E!x
4427proof (rule "CBF◇"[THEN "→E"])
4428  AOT_obtain a where (E!a & ¬E!a)
4429    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4430  AOT_hence ¬E!a
4431    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
4432  AOT_hence ¬E!a
4433    using "4◇"[THEN "→E"] by blast
4434  AOT_thus x ¬E!x using "∃I" by fast
4435qed
4436
4437AOT_theorem "thm-cont-e:5": Contingent([E!])
4438proof -
4439  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4440    using "thm-cont-prop:2" GEN by fast
4441  AOT_hence Contingent([E!])  x E!x & x ¬E!x
4442    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4443  thus ?thesis
4444    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
4445qed
4446
4447AOT_theorem "thm-cont-e:6": Contingent([E!]-)
4448proof -
4449  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
4450    using "thm-cont-prop:3" GEN by fast
4451  AOT_hence Contingent([E!])  Contingent([E!]-)
4452    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4453  thus ?thesis using "thm-cont-e:5" "≡E" by blast
4454qed
4455
4456AOT_theorem "thm-cont-e:7": FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
4457proof (rule "∃I")+
4458  AOT_have F [«F::<κ>»]  [F]- using "thm-relation-negation:5" GEN by fast
4459  AOT_hence [E!]  [E!]-
4460    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4461  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
4462    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
4463next
4464  AOT_show E!-
4465    by (fact AOT)
4466next
4467  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
4468qed
4469
4470AOT_theorem "property-facts:1": NonContingent([F])  ¬G (Contingent([G]) & G = F)
4471proof (rule "→I"; rule "raa-cor:2")
4472  AOT_assume NonContingent([F])
4473  AOT_hence 1: Necessary([F])  Impossible([F])
4474    using "contingent-properties:3"[THEN "≡dfE"] by blast
4475  AOT_assume G (Contingent([G]) & G = F)
4476  then AOT_obtain G where Contingent([G]) & G = F using "∃E"[rotated] by blast
4477  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
4478  AOT_hence ¬(Necessary([F])  Impossible([F]))
4479    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4480  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4481    using 1 "&I" by blast
4482qed
4483
4484AOT_theorem "property-facts:2": Contingent([F])  ¬G (NonContingent([G]) & G = F)
4485proof (rule "→I"; rule "raa-cor:2")
4486  AOT_assume Contingent([F])
4487  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
4488    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4489  AOT_assume G (NonContingent([G]) & G = F)
4490  then AOT_obtain G where NonContingent([G]) & G = F using "∃E"[rotated] by blast
4491  AOT_hence NonContingent([F]) using "rule=E" "&E" by blast
4492  AOT_hence Necessary([F])  Impossible([F])
4493    using "contingent-properties:3"[THEN "≡dfE"] by blast
4494  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4495    using 1 "&I" by blast
4496qed
4497
4498AOT_theorem "property-facts:3": L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
4499proof -
4500  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
4501    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
4502    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
4503  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
4504    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
4505  AOT_have not_noncontingent_if_contingent: ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
4506  proof(rule RAA(2))
4507    AOT_show ¬(Necessary([Π])  Impossible([Π]))
4508      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF contingent_denotes[OF that], THEN "≡E"(1)] by blast
4509  next
4510    AOT_assume NonContingent([Π])
4511    AOT_thus Necessary([Π])  Impossible([Π])
4512      using "contingent-properties:3"[THEN "≡dfE"] by blast
4513  qed
4514
4515  show ?thesis
4516  proof (safe intro!: "&I")
4517    AOT_show L  [L]-
4518      apply (rule "=dfI"(2)[OF L_def])
4519       apply "cqt:2[lambda]"
4520      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4521       apply (rule GEN) apply (fact AOT)
4522      by "cqt:2[lambda]"
4523  next
4524    AOT_show L  E!
4525      apply (rule noneqI)
4526      using "thm-noncont-e-e:3" not_noncontingent_if_contingent[OF "thm-cont-e:5"]
4527      by auto
4528  next
4529    AOT_show L  E!-
4530      apply (rule noneqI)
4531      using "thm-noncont-e-e:3" apply fast
4532      apply (rule not_noncontingent_if_contingent)
4533      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4534      using "thm-cont-prop:3" GEN apply fast
4535      using "thm-cont-e:5" by fast+
4536  next
4537    AOT_show [L]-  E!-
4538      apply (rule noneqI)
4539      using "thm-noncont-e-e:4" apply fast
4540      apply (rule not_noncontingent_if_contingent)
4541      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4542      using "thm-cont-prop:3" GEN apply fast
4543      using "thm-cont-e:5" by fast+
4544  next
4545    AOT_show E!  E!-
4546      apply (rule "=dfI"(2)[OF L_def])
4547       apply "cqt:2[lambda]"
4548      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4549       apply (rule GEN) apply (fact AOT)
4550      by (fact "cqt:2[concrete]"[axiom_inst])
4551  qed
4552qed
4553
4554AOT_theorem "thm-cont-propos:1": NonContingent0(p)  NonContingent0(((p)-))
4555proof(rule "≡I"; rule "→I")
4556  AOT_assume NonContingent0(p)
4557  AOT_hence Necessary0(p)  Impossible0(p)
4558    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4559  moreover {
4560    AOT_assume Necessary0(p)
4561    AOT_hence 1: p using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4562    AOT_have ¬((p)-)
4563      by (AOT_subst ¬((p)-) p)
4564         (auto simp add: 1 "thm-relation-negation:4")
4565    AOT_hence Impossible0(((p)-))
4566      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4567  }
4568  moreover {
4569    AOT_assume Impossible0(p)
4570    AOT_hence 1: ¬p
4571      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4572    AOT_have ((p)-)
4573      by (AOT_subst ((p)-) ¬p) 
4574         (auto simp: 1 "thm-relation-negation:3")
4575    AOT_hence Necessary0(((p)-))
4576      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4577  }
4578  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
4579    using "∨E"(1) "∨I" "→I" by metis
4580  AOT_thus NonContingent0(((p)-))
4581    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4582next
4583  AOT_assume NonContingent0(((p)-))
4584  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
4585    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4586  moreover {
4587    AOT_assume Impossible0(((p)-))
4588    AOT_hence 1: ¬((p)-)
4589      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4590    AOT_have p
4591      by (AOT_subst (reverse) p ¬((p)-))
4592         (auto simp: 1 "thm-relation-negation:4")
4593    AOT_hence Necessary0(p)
4594      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
4595  }
4596  moreover {
4597    AOT_assume Necessary0(((p)-))
4598    AOT_hence 1: ((p)-)
4599      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
4600    AOT_have ¬p
4601      by (AOT_subst (reverse) ¬p ((p)-))
4602         (auto simp: 1 "thm-relation-negation:3")
4603    AOT_hence Impossible0(p)
4604      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4605  }
4606  ultimately AOT_have Necessary0(p)  Impossible0(p)
4607    using "∨E"(1) "∨I" "→I" by metis
4608  AOT_thus NonContingent0(p)
4609    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4610qed
4611
4612AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
4613proof -
4614  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
4615    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
4616  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
4617    by (fact AOT)
4618  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
4619    by (fact AOT)
4620  also AOT_have   φ & ¬φ
4621    apply (AOT_subst φ ¬¬φ)
4622     apply (simp add: "conventions:5" "≡Df")
4623    apply (AOT_subst Impossible0(φ) ¬φ)
4624     apply (simp add: "contingent-properties:2[zero]" "≡Df")
4625    apply (AOT_subst (reverse) ¬φ ¬φ)
4626     apply (simp add: "KBasic:11")
4627    apply (AOT_subst Necessary0(φ) φ)
4628     apply (simp add: "contingent-properties:1[zero]" "≡Df")
4629    by (simp add: "oth-class-taut:3:a")
4630  finally show ?thesis.
4631qed
4632
4633AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
4634proof -
4635  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
4636  also AOT_have   ¬p & p by (fact AOT)
4637  also AOT_have   ((p)-) & p
4638    by (AOT_subst ((p)-) ¬p)
4639       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
4640  also AOT_have   ((p)-) & ¬((p)-)
4641    by (AOT_subst ¬((p)-) p)
4642       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
4643  also AOT_have   Contingent0(((p)-))
4644    using "thm-cont-propos:2"[symmetric] by blast
4645  finally show ?thesis.
4646qed
4647
4648AOT_define noncontingent_prop :: ‹φ› ("p0")
4649  p0_def: "(p0) =df (x (E!x  E!x))"
4650
4651AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
4652proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4653  AOT_show (p0)
4654    apply (rule "=dfI"(2)[OF p0_def])
4655    using "log-prop-prop:2" apply simp
4656    using "if-p-then-p" RN GEN by fast
4657qed
4658
4659AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
4660proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4661  AOT_show ¬((p0)-)
4662    apply (AOT_subst ((p0)-) ¬p0)
4663    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4664    apply (AOT_subst (reverse) ¬¬p0 p0)
4665     apply (simp add: "oth-class-taut:3:b")
4666    apply (rule "=dfI"(2)[OF p0_def])
4667    using "log-prop-prop:2" apply simp
4668    using "if-p-then-p" RN GEN by fast
4669qed
4670
4671AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
4672  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4673  using "thm-noncont-propos:1" "∨I" by blast
4674
4675AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
4676  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4677  using "thm-noncont-propos:2" "∨I" by blast
4678
4679AOT_theorem "thm-noncont-propos:5": pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
4680proof(rule "∃I")+
4681  AOT_have 0: φ  (φ)- for φ
4682    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4683  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
4684    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
4685qed(auto simp: "log-prop-prop:2")
4686
4687AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
4688proof(rule "raa-cor:2")
4689  AOT_assume x(E!x & ¬𝒜E!x)
4690  then AOT_obtain a where a: E!a & ¬𝒜E!a
4691    using "∃E"[rotated] by blast
4692  AOT_hence 𝒜¬E!a using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
4693  AOT_hence ¬E!a using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
4694  AOT_hence E!a & ¬E!a using a "&E" "&I" by blast
4695  AOT_thus p & ¬p for p using "raa-cor:1" by blast
4696qed
4697
4698AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
4699proof(rule "raa-cor:2")
4700  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
4701  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
4702    using "Act-Basic:10"[THEN "≡E"(1)] by blast
4703  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4704  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a using "Act-Basic:2"[THEN "≡E"(1)] by blast
4705  AOT_hence ¬𝒜𝒜E!a using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
4706  AOT_hence ¬𝒜E!a using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
4707  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
4708qed
4709
4710AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
4711proof (rule RAA(1))
4712  AOT_show ¬𝒜x (E!x & ¬𝒜E!x) using "pos-not-pna:1" by blast
4713next
4714  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
4715  AOT_hence x (E!x & ¬𝒜E!x)
4716    using "KBasic:12"[THEN "≡E"(2)] by blast
4717  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
4718    using "nec-imp-act"[THEN "→E"] by blast
4719qed
4720
4721AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
4722proof -
4723  AOT_obtain a where (E!a & ¬𝒜E!a)
4724    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
4725  AOT_hence θ: E!a and ξ: ¬𝒜E!a using "KBasic2:3"[THEN "→E"] "&E" by blast+
4726  AOT_have ¬𝒜E!a using ξ "KBasic:11"[THEN "≡E"(2)] by blast
4727  AOT_hence ¬𝒜E!a using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)] by blast
4728  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
4729  thus ?thesis using "∃I" by fast
4730qed
4731
4732AOT_define contingent_prop :: φ ("q0")
4733  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
4734
4735AOT_theorem q0_prop: q0 & ¬q0
4736  apply (rule "=dfI"(2)[OF q0_def])
4737  apply (fact "log-prop-prop:2")
4738  apply (rule "&I")
4739   apply (fact "qml:4"[axiom_inst])
4740  by (fact "pos-not-pna:2")
4741
4742AOT_theorem "basic-prop:1": Contingent0((q0))
4743proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4744  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
4745  proof (rule "&I"; rule "=dfI"(2)[OF q0_def]; (rule "log-prop-prop:2" | rule "raa-cor:2"))
4746    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
4747    AOT_hence x (E!x & ¬𝒜E!x)
4748      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4749    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
4750      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
4751    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
4752      using "pos-not-pna:1" "&I" by blast
4753  next
4754    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
4755    AOT_hence ¬(x (E!x & ¬𝒜E!x))
4756      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4757    AOT_hence ¬(x (E!x & ¬𝒜E!x)) using "KBasic2:1"[THEN "≡E"(1)] by blast
4758    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
4759      using "qml:4"[axiom_inst] "&I" by blast
4760  qed
4761  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
4762    using "oth-class-taut:5:d" "≡E"(2) by blast
4763qed
4764
4765AOT_theorem "basic-prop:2": p Contingent0((p))
4766  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
4767
4768AOT_theorem "basic-prop:3": Contingent0(((q0)-))
4769  apply (AOT_subst ((q0)-) ¬q0)
4770   apply (insert "thm-relation-negation:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
4771  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4772  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
4773  apply (rule "&I")
4774   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4775   apply (rule "conventions:5"[THEN "≡dfE"])
4776   apply (rule "=dfE"(2)[OF q0_def])
4777    apply (rule "log-prop-prop:2")
4778   apply (rule q0_prop[THEN "&E"(1)])
4779  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4780  apply (rule "conventions:5"[THEN "≡dfE"])
4781  by (rule q0_prop[THEN "&E"(2)])
4782
4783AOT_theorem "basic-prop:4": pq (p  q & Contingent0(p) & Contingent0(q))
4784proof(rule "∃I")+
4785  AOT_have 0: φ  (φ)- for φ
4786    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4787  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
4788    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
4789qed(auto simp: "log-prop-prop:2")
4790
4791AOT_theorem "proposition-facts:1": NonContingent0(p)  ¬q (Contingent0(q) & q = p)
4792proof(rule "→I"; rule "raa-cor:2")
4793  AOT_assume NonContingent0(p)
4794  AOT_hence 1: Necessary0(p)  Impossible0(p)
4795    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4796  AOT_assume q (Contingent0(q) & q = p)
4797  then AOT_obtain q where Contingent0(q) & q = p using "∃E"[rotated] by blast
4798  AOT_hence Contingent0(p) using "rule=E" "&E" by fast
4799  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4800    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
4801qed
4802
4803AOT_theorem "proposition-facts:2": Contingent0(p)  ¬q (NonContingent0(q) & q = p)
4804proof(rule "→I"; rule "raa-cor:2")
4805  AOT_assume Contingent0(p)
4806  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
4807    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4808  AOT_assume q (NonContingent0(q) & q = p)
4809  then AOT_obtain q where NonContingent0(q) & q = p using "∃E"[rotated] by blast
4810  AOT_hence NonContingent0(p) using "rule=E" "&E" by fast
4811  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4812    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
4813qed
4814
4815AOT_theorem "proposition-facts:3": (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
4816proof -
4817  {
4818    fix χ φ ψ
4819    AOT_assume χ{φ}
4820    moreover AOT_assume ¬χ{ψ}
4821    ultimately AOT_have ¬(χ{φ}  χ{ψ})
4822      using RAA "≡E" by metis
4823    moreover {
4824      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
4825        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
4826      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
4827        using "∀E" "log-prop-prop:2" by blast
4828    }
4829    ultimately AOT_have φ  ψ
4830      using "→E" by blast
4831  } note 0 = this
4832  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
4833    using "thm-cont-propos:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4834  AOT_have not_noncontingent_if_contingent: ¬NonContingent0(φ) if Contingent0(φ) for φ
4835    apply (rule "contingent-properties:3[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4836    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4837  show ?thesis
4838    apply (rule "&I")+
4839    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4840       apply (rule 0)
4841    using "thm-noncont-propos:3" apply fast
4842       apply (rule not_noncontingent_if_contingent)
4843       apply (fact AOT)
4844      apply (rule 0)
4845    apply (rule "thm-noncont-propos:3")
4846      apply (rule not_noncontingent_if_contingent)
4847      apply (rule contingent_neg[THEN "≡E"(1)])
4848      apply (fact AOT)
4849     apply (rule 0)
4850    apply (rule "thm-noncont-propos:4")
4851      apply (rule not_noncontingent_if_contingent)
4852      apply (rule contingent_neg[THEN "≡E"(1)])
4853     apply (fact AOT)
4854    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4855qed
4856
4857AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
4858  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
4859
4860AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
4861  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
4862
4863AOT_theorem "cont-true-cont:1": ContingentlyTrue((p))  Contingent0((p))
4864proof(rule "→I")
4865  AOT_assume ContingentlyTrue((p))
4866  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
4867  AOT_have ¬Necessary0((p))
4868    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4869    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
4870  moreover AOT_have ¬Impossible0((p))
4871    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4872    apply (rule "conventions:5"[THEN "≡dfE"])
4873    using "T◇"[THEN "→E", OF 1].
4874  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4875    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4876  AOT_thus Contingent0((p))
4877    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4878qed
4879
4880AOT_theorem "cont-true-cont:2": ContingentlyFalse((p))  Contingent0((p))
4881proof(rule "→I")
4882  AOT_assume ContingentlyFalse((p))
4883  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
4884  AOT_have ¬Necessary0((p))
4885    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4886    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
4887  moreover AOT_have ¬Impossible0((p))
4888    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4889    apply (rule "conventions:5"[THEN "≡dfE"])
4890    using 2.
4891  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4892    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4893  AOT_thus Contingent0((p))
4894    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4895qed
4896
4897AOT_theorem "cont-true-cont:3": ContingentlyTrue((p))  ContingentlyFalse(((p)-))
4898proof(rule "≡I"; rule "→I")
4899  AOT_assume ContingentlyTrue((p))
4900  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4901  AOT_have 1: ContingentlyFalse(¬p)
4902    apply (rule "cont-tf:2"[THEN "≡dfI"])
4903    apply (AOT_subst (reverse) ¬¬p p)
4904    by (auto simp: "oth-class-taut:3:b" 0)
4905  AOT_show ContingentlyFalse(((p)-))
4906    apply (AOT_subst ((p)-) ¬p)
4907    by (auto simp: "thm-relation-negation:3" 1)
4908next
4909  AOT_assume 1: ContingentlyFalse(((p)-))
4910  AOT_have ContingentlyFalse(¬p)
4911    by (AOT_subst (reverse) ¬p ((p)-))
4912       (auto simp: "thm-relation-negation:3" 1)
4913  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
4914  AOT_hence p & ¬p
4915    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
4916  AOT_thus ContingentlyTrue((p))
4917    using "cont-tf:1"[THEN "≡dfI"] by blast
4918qed
4919
4920AOT_theorem "cont-true-cont:4": ContingentlyFalse((p))  ContingentlyTrue(((p)-))
4921proof(rule "≡I"; rule "→I")
4922  AOT_assume ContingentlyFalse(p)
4923  AOT_hence 0: ¬p & p
4924    using "cont-tf:2"[THEN "≡dfE"] by blast
4925  AOT_have ¬p & ¬¬p
4926    by (AOT_subst (reverse) ¬¬p p)
4927       (auto simp: "oth-class-taut:3:b" 0)
4928  AOT_hence 1: ContingentlyTrue(¬p)
4929    by (rule "cont-tf:1"[THEN "≡dfI"])
4930  AOT_show ContingentlyTrue(((p)-))
4931    by (AOT_subst ((p)-) ¬p)
4932       (auto simp: "thm-relation-negation:3" 1)
4933next
4934  AOT_assume 1: ContingentlyTrue(((p)-))
4935  AOT_have ContingentlyTrue(¬p)
4936    by (AOT_subst (reverse) ¬p ((p)-))
4937       (auto simp add: "thm-relation-negation:3" 1)
4938  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4939  AOT_have p
4940    by (AOT_subst p ¬¬p)
4941       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
4942  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
4943  AOT_thus ContingentlyFalse(p)
4944    by (rule "cont-tf:2"[THEN "≡dfI"])
4945qed
4946
4947AOT_theorem "cont-true-cont:5": (ContingentlyTrue((p)) & Necessary0((q)))  p  q
4948proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4949  AOT_assume ContingentlyTrue((p))
4950  AOT_hence ¬p
4951    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
4952  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
4953  AOT_assume Necessary0((q))
4954  moreover AOT_assume ¬(p  q)
4955  AOT_hence p = q
4956    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4957          "useful-tautologies:1"[THEN "→E"] by blast
4958  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
4959  AOT_hence p
4960    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4961  AOT_thus p & ¬p using 0 "&I" by blast
4962qed
4963
4964AOT_theorem "cont-true-cont:6": (ContingentlyFalse((p)) & Impossible0((q)))  p  q
4965proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4966  AOT_assume ContingentlyFalse((p))
4967  AOT_hence p
4968    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
4969  AOT_hence 1: ¬¬p
4970    using "conventions:5"[THEN "≡dfE"] by blast
4971  AOT_assume Impossible0((q))
4972  moreover AOT_assume ¬(p  q)
4973  AOT_hence p = q
4974    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4975          "useful-tautologies:1"[THEN "→E"] by blast
4976  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
4977  AOT_hence ¬p
4978    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4979  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
4980qed
4981
4982AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
4983  apply (rule "cont-tf:2"[THEN "≡dfI"])
4984  apply (rule "=dfI"(2)[OF q0_def])
4985   apply (fact "log-prop-prop:2")
4986  apply (rule "&I")
4987   apply (fact "no-cnac")
4988  by (fact "qml:4"[axiom_inst])
4989
4990AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
4991  apply (rule "cont-tf:1"[THEN "≡dfI"])
4992  apply (rule "=dfI"(2)[OF q0_def])
4993   apply (fact "log-prop-prop:2")
4994  apply (rule "&I")
4995     apply (rule "thm-relation-negation:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
4996     apply (fact "no-cnac")
4997    apply (rule "rule=E"[rotated, OF "thm-relation-negation:7"[unvarify p, OF "log-prop-prop:2", THEN id_sym]])
4998  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
4999  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5000
5001(* TODO: q0cf-rem skipped for now *)
5002
5003AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5004proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5005  AOT_assume q0
5006  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5007  AOT_thus ContingentlyTrue(q0)
5008    by (rule "cont-tf:1"[THEN "≡dfI"])
5009next
5010  AOT_assume ¬q0
5011  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5012  AOT_hence ContingentlyFalse(q0)
5013    by (rule "cont-tf:2"[THEN "≡dfI"])
5014  AOT_thus ContingentlyTrue(((q0)-))
5015    by (rule "cont-true-cont:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
5016qed(auto simp: "log-prop-prop:2")
5017
5018
5019AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5020proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5021  AOT_assume q0
5022  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5023  AOT_hence ContingentlyTrue(q0)
5024    by (rule "cont-tf:1"[THEN "≡dfI"])
5025  AOT_thus ContingentlyFalse(((q0)-))
5026    by (rule "cont-true-cont:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
5027next
5028  AOT_assume ¬q0
5029  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5030  AOT_thus ContingentlyFalse(q0)
5031    by (rule "cont-tf:2"[THEN "≡dfI"])
5032qed(auto simp: "log-prop-prop:2")
5033
5034(* TODO: inspect modally strict subproof involving obtained variable *)
5035AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5036proof -
5037  fix x
5038  AOT_obtain p1 where ContingentlyTrue((p1))
5039    using "cont-tf-thm:1" "∃E"[rotated] by blast
5040  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5041  AOT_modally_strict {
5042    AOT_have for arbitrary p:  (z p]x  p)
5043      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5044    AOT_hence for arbitrary p:   (z p]x  p)
5045      by (rule RN)
5046    AOT_hence p (z p]x  p) using GEN by fast
5047    AOT_hence (z p1]x  p1) using "∀E" by fast
5048  } note 2 = this
5049  AOT_hence (z p1]x  p1) using "∀E" by blast
5050  AOT_hence z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5051  moreover AOT_have ¬z p1]x
5052    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5053    apply (AOT_subst z p1]x p1)
5054    using 1[THEN "&E"(2)] by blast
5055  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5056  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5057  moreover AOT_have z p1] by "cqt:2[lambda]"
5058  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5059qed
5060
5061(* TODO: inspect modally strict subproof involving obtained variable *)
5062AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5063proof -
5064  fix x
5065  AOT_obtain p1 where ContingentlyFalse((p1))
5066    using "cont-tf-thm:2" "∃E"[rotated] by blast
5067  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5068  AOT_modally_strict {
5069    AOT_have for arbitrary p:  (z p]x  p)
5070      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5071    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5072      using "oth-class-taut:4:b" "≡E" by blast
5073    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5074      by (rule RN)
5075    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5076    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5077  } note 2 = this
5078  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5079  AOT_hence 3: ¬z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5080  AOT_modally_strict {
5081    AOT_have for arbitrary p:  (z p]x  p)
5082      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5083    AOT_hence for arbitrary p:  (z p]x  p)
5084      by (rule RN)
5085    AOT_hence p (z p]x  p) using GEN by fast
5086    AOT_hence (z p1]x  p1) using "∀E" by fast
5087  } note 4 = this
5088  AOT_have z p1]x
5089    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5090    apply (AOT_subst z p1]x p1)
5091    using 1[THEN "&E"(2)] by blast
5092  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
5093  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
5094  moreover AOT_have z p1] by "cqt:2[lambda]"
5095  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5096qed
5097
5098context
5099begin
5100
5101private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5102    apply (rule "=dfI"(2)[OF L_def])
5103     apply "cqt:2[lambda]"
5104    apply (rule "beta-C-meta"[THEN "→E"])
5105  by "cqt:2[lambda]"
5106
5107private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5108    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5109
5110private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5111proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5112  fix x
5113  AOT_assume 1: φ
5114  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5115  also AOT_have   φ
5116    using "if-p-then-p" 1 "≡I" "→I" by simp
5117  also AOT_have   z φ]x
5118    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5119  finally AOT_show [L]x  z φ]x.
5120next
5121  fix x
5122  AOT_assume x([L]x  z φ]x)
5123  AOT_hence [L]x  z φ]x using "∀E" by blast
5124  also AOT_have   φ using eqnotnec_123_Aux_ω.
5125  finally AOT_have φ  [L]x using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5126  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
5127  finally AOT_show φ using "≡E" "if-p-then-p" by fast
5128qed
5129private lemmas eqnotnec_123_Aux_ξ =  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5130                      THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5131                      THEN "RM◇"]
5132private lemmas eqnotnec_123_Aux_ξ' = eqnotnec_123_Aux_θ[THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)], THEN "RM◇"]
5133
5134AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5135proof-
5136  AOT_obtain p1 where ContingentlyTrue(p1) using "cont-tf-thm:1" "∃E"[rotated] by blast
5137  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5138  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
5139    apply - apply (rule "&I")
5140    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)] eqnotnec_123_Aux_ξ "→E" by fast+
5141  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
5142    by (rule "∃I") "cqt:2[lambda]"
5143  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
5144    apply (rule "∃I")
5145    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5146qed
5147
5148AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5149proof-
5150  AOT_obtain p1 where ContingentlyFalse(p1) using "cont-tf-thm:2" "∃E"[rotated] by blast
5151  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5152  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
5153    apply - apply (rule "&I")
5154    using "&E" eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)] eqnotnec_123_Aux_ξ' "→E" by fast+
5155  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
5156    by (rule "∃I") "cqt:2[lambda]"
5157  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
5158    apply (rule "∃I")
5159    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5160qed
5161
5162AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5163proof-
5164  AOT_have ¬𝒜q0
5165    apply (rule "=dfI"(2)[OF q0_def])
5166     apply (fact "log-prop-prop:2")
5167    by (fact AOT)
5168  AOT_hence 𝒜¬q0
5169    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5170  AOT_hence 𝒜¬x ([L]x  z q0]x)
5171    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5172            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5173            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
5174  moreover AOT_have x ([L]x  z q0]x) using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
5175  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x) using "&I" by blast
5176  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
5177    by (rule "∃I") "cqt:2[lambda]"
5178  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5179    apply (rule "∃I")
5180    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5181qed
5182
5183end
5184
5185(* TODO[IMPORTANT]: proof of 219.4 ζ: appeal to (159.2) requires a theorem, but the result has local
5186   assumptions! *)
5187AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5188proof(rule GEN)
5189  fix F
5190
5191  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5192  proof(rule "→I"; rule GEN)
5193    AOT_modally_strict {
5194    fix x
5195    AOT_assume 0: ψ
5196    AOT_have z [F]z & ψ]x  [F]x & ψ
5197      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5198    also AOT_have ...  [F]x
5199      apply (rule "≡I"; rule "→I")
5200      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5201      using 0 "&I" by blast
5202    finally AOT_show [F]x  z [F]z & ψ]x
5203      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5204    }
5205  qed
5206
5207  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5208  proof (rule "→I"; rule GEN)
5209    AOT_modally_strict {
5210      fix x
5211      AOT_assume 0: ψ
5212      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5213        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5214      also AOT_have ...  [F]x
5215        apply (rule "≡I"; rule "→I")
5216        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5217        apply (rule "∨I"(1)) using 0 "&I" by blast
5218      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5219        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5220    }
5221  qed
5222
5223  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5224  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
5225  AOT_modally_strict {
5226      AOT_assume 0: ¬ψ
5227      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5228      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5229      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5230          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5231      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5232        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5233      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5234        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5235      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5236      ultimately AOT_have ψ using "≡E" "&E" by metis
5237      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5238    }
5239  qed
5240
5241  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5242  proof (rule "→I")
5243    AOT_assume A: z([F]z  z [F]z & ψ]z)
5244    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5245    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
5246          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
5247          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5248      AOT_modally_strict {
5249        AOT_assume z ([F]z  z [F]z & ψ]z)
5250        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5251        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5252        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5253        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5254        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5255      }
5256    next
5257      AOT_modally_strict {
5258        AOT_assume z ([F]z  z [F]z & ψ]z)
5259        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5260        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5261        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5262        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5263        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5264      }
5265    qed(auto simp: A)
5266  qed
5267
5268  AOT_obtain p1 where p1_prop: p1 & ¬p1 using "cont-tf-thm:1" "∃E"[rotated] "cont-tf:1"[THEN "≡dfE"] by blast
5269  {
5270    AOT_assume 1: x([F]x  z [F]z & p1]x)
5271    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5272      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5273    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5274      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5275    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5276      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5277    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) & ¬x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5278    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5279      by (rule "∃I"(1)) "cqt:2[lambda]"
5280  }
5281  moreover {
5282    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5283    AOT_hence ¬x([F]x  z [F]z & p1]x)
5284      using "KBasic:11"[THEN "≡E"(1)] by blast
5285    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
5286      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
5287    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5288      by (rule "∃I"(1)) "cqt:2[lambda]"
5289  }
5290  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5291    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5292qed
5293
5294AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5295proof(rule GEN)
5296  fix F
5297
5298  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5299  proof(rule "RM◇"; rule "→I"; rule GEN)
5300    AOT_modally_strict {
5301    fix x
5302    AOT_assume 0: ψ
5303    AOT_have z [F]z & ψ]x  [F]x & ψ
5304      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5305    also AOT_have ...  [F]x
5306      apply (rule "≡I"; rule "→I")
5307      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5308      using 0 "&I" by blast
5309    finally AOT_show [F]x  z [F]z & ψ]x
5310      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5311    }
5312  qed
5313
5314  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5315  proof (rule "RM◇"; rule "→I"; rule GEN)
5316    AOT_modally_strict {
5317      fix x
5318      AOT_assume 0: ψ
5319      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5320        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5321      also AOT_have ...  [F]x
5322        apply (rule "≡I"; rule "→I")
5323        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5324        apply (rule "∨I"(1)) using 0 "&I" by blast
5325      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5326        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5327    }
5328  qed
5329
5330  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5331  proof(rule "→I"; rule "raa-cor:2")
5332  AOT_modally_strict {
5333      AOT_assume 0: ¬ψ
5334      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5335      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5336      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5337          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5338      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5339        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5340      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5341        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5342      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5343      ultimately AOT_have ψ using "≡E" "&E" by metis
5344      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5345    }
5346  qed
5347
5348  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5349  proof (rule "→I"; rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5350    AOT_modally_strict {
5351      AOT_assume z ([F]z  z [F]z & ψ]z)
5352      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5353      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5354      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5355      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5356      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5357    }
5358  next
5359    AOT_modally_strict {
5360      AOT_assume z ([F]z  z [F]z & ψ]z)
5361      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5362      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5363      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5364      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5365      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5366    }
5367  qed
5368
5369  AOT_obtain p1 where p1_prop: ¬p1 & p1 using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
5370  {
5371    AOT_assume 1: x([F]x  z [F]z & p1]x)
5372    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5373      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5374    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5375      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5376    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5377      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5378    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) & x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5379    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5380      by (rule "∃I"(1)) "cqt:2[lambda]"
5381  }
5382  moreover {
5383    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5384    AOT_hence ¬x([F]x  z [F]z & p1]x)
5385      using "KBasic:11"[THEN "≡E"(1)] by blast
5386    AOT_hence ¬x ([F]x  z [F]z & p1]x) & x([F]x  z [F]z & p1]x)
5387      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
5388    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5389      by (rule "∃I"(1)) "cqt:2[lambda]"
5390  }
5391  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5392    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5393qed
5394
5395AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5396proof(rule GEN)
5397  fix F
5398
5399  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5400  proof(rule "RM◇"; rule "→I"; rule GEN)
5401    AOT_modally_strict {
5402    fix x
5403    AOT_assume 0: ψ
5404    AOT_have z [F]z & ψ]x  [F]x & ψ
5405      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5406    also AOT_have ...  [F]x
5407      apply (rule "≡I"; rule "→I")
5408      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5409      using 0 "&I" by blast
5410    finally AOT_show [F]x  z [F]z & ψ]x
5411      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5412    }
5413  qed
5414
5415  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5416  proof (rule "RM◇"; rule "→I"; rule GEN)
5417    AOT_modally_strict {
5418      fix x
5419      AOT_assume 0: ψ
5420      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5421        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5422      also AOT_have ...  [F]x
5423        apply (rule "≡I"; rule "→I")
5424        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5425        apply (rule "∨I"(1)) using 0 "&I" by blast
5426      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5427        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5428    }
5429  qed
5430
5431  AOT_have Aux_C:  𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5432  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
5433  AOT_modally_strict {
5434      AOT_assume 0: ¬ψ
5435      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5436      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5437      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5438          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5439      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5440        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5441      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5442        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5443      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5444      ultimately AOT_have ψ using "≡E" "&E" by metis
5445      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5446    }
5447  qed
5448
5449  AOT_have (z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
5450  proof (rule RN; rule "→I")
5451    AOT_modally_strict {
5452        AOT_assume z ([F]z  z [F]z & ψ]z)
5453        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5454          apply -
5455        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5456          AOT_assume z ([F]z  z [F]z & ψ]z)
5457          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5458          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5459          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5460          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5461          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5462        next
5463            AOT_assume z ([F]z  z [F]z & ψ]z)
5464            AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5465            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5466            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5467            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5468            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5469        qed
5470    }
5471  qed
5472  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
5473    using "nec-imp-act"[THEN "→E"] by blast
5474  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z)  𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5475    using "act-cond"[THEN "→E"] by blast
5476  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z)  (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5477    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
5478
5479  AOT_have ¬𝒜q0
5480    apply (rule "=dfI"(2)[OF q0_def])
5481     apply (fact "log-prop-prop:2")
5482    by (fact AOT)
5483  AOT_hence q0_prop_1: 𝒜¬q0
5484    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5485  {
5486    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
5487    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
5488      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
5489    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
5490      using Aux_C[THEN "→E", OF q0_prop_1].
5491    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
5492      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5493    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) & x([F]x  z [F]z & q0  ¬q0]x) using 2 "&I" by blast
5494    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5495      by (rule "∃I"(1)) "cqt:2[lambda]"
5496  }
5497  moreover {
5498    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
5499    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
5500      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5501    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
5502      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
5503    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5504      by (rule "∃I"(1)) "cqt:2[lambda]"
5505  }
5506  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5507    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5508qed
5509
5510AOT_theorem "oa-contingent:1": O!  A!
5511proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
5512  fix x
5513  AOT_assume 1: O! = A!
5514  AOT_hence x E!x] = A!
5515    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5516  AOT_hence x E!x] = x ¬E!x]
5517    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5518  moreover AOT_have x E!x]x  E!x
5519    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5520  ultimately AOT_have x ¬E!x]x  E!x
5521    using "rule=E" by fast
5522  moreover AOT_have x ¬E!x]x  ¬E!x
5523    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5524  ultimately AOT_have E!x  ¬E!x using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
5525  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)" using "oth-class-taut:3:c" "&I" by blast
5526qed
5527
5528AOT_theorem "oa-contingent:2": O!x  ¬A!x
5529proof -
5530  AOT_have O!x  x E!x]x
5531    apply (rule "≡I"; rule "→I")
5532     apply (rule "=dfE"(2)[OF AOT_ordinary])
5533      apply "cqt:2[lambda]"
5534     apply argo
5535    apply (rule  "=dfI"(2)[OF AOT_ordinary])
5536     apply "cqt:2[lambda]"
5537    by argo
5538  also AOT_have   E!x
5539    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5540  also AOT_have   ¬¬E!x
5541    using "oth-class-taut:3:b".
5542  also AOT_have   ¬x ¬E!x]x
5543    by (rule "beta-C-meta"[THEN "→E", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric]) "cqt:2[lambda]"
5544  also AOT_have   ¬A!x
5545    apply (rule "≡I"; rule "→I")
5546     apply (rule "=dfI"(2)[OF AOT_abstract])
5547      apply "cqt:2[lambda]"
5548     apply argo
5549    apply (rule "=dfE"(2)[OF AOT_abstract])
5550     apply "cqt:2[lambda]"
5551    by argo
5552  finally show ?thesis.
5553qed
5554
5555AOT_theorem "oa-contingent:3": A!x  ¬O!x
5556  by (AOT_subst A!x ¬¬A!x)
5557     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
5558
5559AOT_theorem "oa-contingent:4": Contingent(O!)
5560proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)]; rule "&I")
5561  AOT_have x E!x using "thm-cont-e:3" .
5562  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5563  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5564  AOT_hence x E!x]a
5565    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5566  AOT_hence O!a
5567    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5568  AOT_hence x O!x using "∃I" by blast
5569  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
5570next
5571  AOT_obtain a where A!a
5572    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5573  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
5574  AOT_hence x ¬O!x using "∃I" by fast
5575  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
5576qed
5577
5578AOT_theorem "oa-contingent:5": Contingent(A!)
5579proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)]; rule "&I")
5580  AOT_obtain a where A!a
5581    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5582  AOT_hence x A!x using "∃I" by fast
5583  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
5584next
5585  AOT_have x E!x using "thm-cont-e:3" .
5586  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5587  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5588  AOT_hence x E!x]a
5589    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5590  AOT_hence O!a
5591    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5592  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
5593  AOT_hence x ¬A!x using "∃I" by fast
5594  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
5595qed
5596
5597AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
5598proof -
5599  AOT_have O!x  ¬A!x
5600    using "oa-contingent:2" by blast
5601  also AOT_have   A!-x
5602    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
5603  finally AOT_have 1: O!x  A!-x.
5604
5605  AOT_have A!x  ¬O!x
5606    using "oa-contingent:3" by blast
5607  also AOT_have   O!-x
5608    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
5609  finally AOT_have 2: A!x  O!-x.
5610
5611  AOT_show O!-x  ¬A!-x
5612    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "oa-contingent:3"[of _ x] 2[symmetric]
5613          "≡E"(5) by blast
5614qed
5615
5616AOT_theorem "oa-contingent:6": O!-  A!-
5617proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5618  AOT_assume 1: O!- = A!-
5619  fix x
5620  AOT_have A!-x  O!-x
5621    apply (rule "rule=E"[rotated, OF 1]) by (fact "oth-class-taut:3:a")
5622  AOT_hence A!-x  ¬A!-x
5623    using "oa-contingent:7" "≡E" by fast
5624  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x) using "oth-class-taut:3:c" "&I" by blast
5625qed
5626
5627AOT_theorem "oa-contingent:8": Contingent(O!-)
5628  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1), OF "oa-contingent:4"].
5629
5630AOT_theorem "oa-contingent:9": Contingent(A!-)
5631  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1), OF "oa-contingent:5"].
5632
5633AOT_define WeaklyContingent :: ‹Π  φ› ("WeaklyContingent'(_')")
5634  "df-cont-nec": "WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)"
5635
5636AOT_theorem "cont-nec-fact1:1": WeaklyContingent([F])  WeaklyContingent([F]-)
5637proof -
5638  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
5639    using "df-cont-nec"[THEN "≡Df"] by blast
5640  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
5641    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
5642    using "thm-cont-prop:3".
5643  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
5644  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)]; rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
5645    fix x
5646    AOT_assume 0: x ([F]x  [F]x)
5647    AOT_assume 1: [F]-x
5648    AOT_have ¬[F]x
5649      by (AOT_subst (reverse) ¬[F]x [F]-x)
5650         (auto simp add: "thm-relation-negation:1" 1)
5651    AOT_hence 2: ¬[F]x
5652      using "KBasic:11"[THEN "≡E"(2)] by blast
5653    AOT_show [F]-x
5654    proof (rule "raa-cor:1")
5655      AOT_assume 3: ¬[F]-x
5656      AOT_have ¬¬[F]x
5657        by (AOT_subst (reverse) ¬[F]x [F]-x)
5658           (auto simp add: "thm-relation-negation:1" 3)
5659      AOT_hence [F]x
5660        using "conventions:5"[THEN "≡dfI"] by simp
5661      AOT_hence [F]x using 0 "∀E" "→E" by fast
5662      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
5663    qed
5664  next
5665    fix x
5666    AOT_assume 0: x ([F]-x  [F]-x)
5667    AOT_assume 1: [F]x
5668    AOT_have ¬[F]-x
5669      by (AOT_subst ¬[F]-x [F]x)
5670         (auto simp: "thm-relation-negation:2" 1)
5671    AOT_hence 2: ¬[F]-x
5672      using "KBasic:11"[THEN "≡E"(2)] by blast
5673    AOT_show [F]x
5674    proof (rule "raa-cor:1")
5675      AOT_assume 3: ¬[F]x
5676      AOT_have ¬¬[F]-x
5677        by (AOT_subst ¬[F]-x [F]x)
5678           (auto simp add: "thm-relation-negation:2" 3)
5679      AOT_hence [F]-x
5680        using "conventions:5"[THEN "≡dfI"] by simp
5681      AOT_hence [F]-x using 0 "∀E" "→E" by fast
5682      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
5683    qed
5684  qed
5685  also AOT_have   WeaklyContingent([F]-)
5686    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
5687  finally show ?thesis.
5688qed
5689
5690AOT_theorem "cont-nec-fact1:2": (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
5691proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5692  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
5693  AOT_hence WeaklyContingent([F]) using "&E" by blast
5694  moreover AOT_assume F = G
5695  ultimately AOT_have WeaklyContingent([G])
5696    using "rule=E" by blast
5697  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
5698    using 1 "&I" "&E" by blast
5699qed
5700
5701AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
5702proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5703  AOT_show Contingent(O!)
5704    using "oa-contingent:4".
5705next
5706  AOT_show x ([O!]x  [O!]x)
5707    apply (rule GEN; rule "→I")
5708    using "oa-facts:5"[THEN "≡E"(1)] by blast
5709qed
5710
5711
5712AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
5713proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5714  AOT_show Contingent(A!)
5715    using "oa-contingent:5".
5716next
5717  AOT_show x ([A!]x  [A!]x)
5718    apply (rule GEN; rule "→I")
5719    using "oa-facts:6"[THEN "≡E"(1)] by blast
5720qed
5721
5722AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
5723proof (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5724       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
5725  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
5726  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
5727  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
5728  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
5729  moreover AOT_assume x ([E!]x  [E!]x)
5730  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
5731  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
5732  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
5733  moreover AOT_have ¬𝒜E!a using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
5734  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
5735  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5736qed
5737
5738AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
5739  apply (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5740       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
5741  apply (rule "contingent-properties:4"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5742  apply (rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "useful-tautologies:2"[THEN "→E"])
5743  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
5744
5745(* TODO: cleanup *)
5746AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
5747proof -
5748  AOT_have 1: L
5749    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5750  {
5751    fix φ and Π Π' :: <κ>
5752    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5753    proof (rule "raa-cor:2")
5754      AOT_assume φ{Π'}  φ{Π}
5755      AOT_hence φ{Π'} using that(1) "≡E" by blast
5756      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5757    qed
5758    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5759      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5760  } note 0 = this
5761  show ?thesis
5762    apply(safe intro!: "&I"; rule 0)
5763    using "cqt:2[concrete]"[axiom_inst] apply blast
5764    using "oa-exist:1" apply blast
5765    using "cont-nec-fact2:3" apply fast
5766    apply (rule "useful-tautologies:2"[THEN "→E"])
5767    using "cont-nec-fact2:1" apply fast
5768    using "rel-neg-T:3" apply fast
5769    using "oa-exist:1" apply blast
5770    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5771    apply (rule "useful-tautologies:2"[THEN "→E"])
5772    using "cont-nec-fact2:1" apply blast
5773    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5774    using "oa-exist:1" apply fast
5775    using "cont-nec-fact2:4" apply fast
5776    apply (rule "useful-tautologies:2"[THEN "→E"])
5777    using "cont-nec-fact2:1" apply fast
5778    using "rel-neg-T:3" apply fast
5779    using "oa-exist:1" apply fast
5780    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5781    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5782    apply (rule "useful-tautologies:2"[THEN "→E"])
5783    using "cont-nec-fact2:1" by blast
5784qed
5785
5786(* TODO: cleanup together with above *)
5787AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
5788proof -
5789  AOT_have 1: L
5790    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5791  {
5792    fix φ and Π Π' :: <κ>
5793    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5794    proof (rule "raa-cor:2")
5795      AOT_assume φ{Π'}  φ{Π}
5796      AOT_hence φ{Π'} using that(1) "≡E" by blast
5797      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5798    qed
5799    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5800      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5801  } note 0 = this
5802  show ?thesis
5803    apply(safe intro!: "&I"; rule 0)
5804    using "cqt:2[concrete]"[axiom_inst] apply blast
5805    using "oa-exist:2" apply blast
5806    using "cont-nec-fact2:3" apply fast
5807    apply (rule "useful-tautologies:2"[THEN "→E"])
5808    using "cont-nec-fact2:2" apply fast
5809    using "rel-neg-T:3" apply fast
5810    using "oa-exist:2" apply blast
5811    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5812    apply (rule "useful-tautologies:2"[THEN "→E"])
5813    using "cont-nec-fact2:2" apply blast
5814    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5815    using "oa-exist:2" apply fast
5816    using "cont-nec-fact2:4" apply fast
5817    apply (rule "useful-tautologies:2"[THEN "→E"])
5818    using "cont-nec-fact2:2" apply fast
5819    using "rel-neg-T:3" apply fast
5820    using "oa-exist:2" apply fast
5821    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5822    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5823    apply (rule "useful-tautologies:2"[THEN "→E"])
5824    using "cont-nec-fact2:2" by blast
5825qed
5826
5827AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
5828  Δp df p  (¬𝒜p & p)
5829
5830AOT_theorem sixteen:
5831 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
5832«F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 & F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 & F1  F14 & F1  F15 & F1  F16 &
5833F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 & F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 & F2  F15 & F2  F16 &
5834F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 & F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
5835F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 & F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
5836F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 & F5  F13 & F5  F14 & F5  F15 & F5  F16 &
5837F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 & F6  F14 & F6  F15 & F6  F16 &
5838F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 & F7  F15 & F7  F16 &
5839F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 & F8  F16 &
5840F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
5841F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
5842F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
5843F12  F13 & F12  F14 & F12  F15 & F12  F16 &
5844F13  F14 & F13  F15 & F13  F16 &
5845F14  F15 & F14  F16 &
5846F15  F16) 
5847proof -
5848
5849  AOT_have Delta_pos: Δφ  φ for φ
5850  proof(rule "→I")
5851    AOT_assume Δφ
5852    AOT_hence φ  (¬𝒜φ & φ)
5853      using "≡dfE"[OF necessary_or_contingently_false] by blast
5854    moreover {
5855      AOT_assume φ
5856      AOT_hence φ
5857        by (metis "B◇" "T◇" "vdash-properties:10")
5858    }
5859    moreover {
5860      AOT_assume ¬𝒜φ & φ
5861      AOT_hence φ
5862        using "&E" by blast
5863    }
5864    ultimately AOT_show φ
5865      by (metis "∨E"(2) "raa-cor:1") 
5866  qed
5867
5868  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5869    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false "raa-cor:3" that(1) that(2) by blast
5870  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5871    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1) that(2) by blast
5872  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
5873    using Delta_pos "modus-tollens:1" that by blast
5874  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
5875    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1) that(2))
5876  AOT_have nec_delta: Δφ if φ for φ
5877    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
5878
5879  AOT_obtain a where a_prop: A!a
5880    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5881  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
5882    using "pos-not-pna:3" using "∃E"[rotated] by blast
5883
5884  AOT_have b_ord: [O!]b
5885  proof(rule "=dfI"(2)[OF AOT_ordinary])
5886    AOT_show x [E!]x] by "cqt:2[lambda]"
5887  next
5888    AOT_show x [E!]x]b
5889    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
5890      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
5891      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
5892    qed
5893  qed
5894
5895  AOT_have nec_not_L_neg: ¬[L-]x for x
5896    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
5897          CBF[THEN "→E"] "∀E" by blast
5898  AOT_have nec_L: [L]x for x
5899    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
5900      CBF[THEN "→E"] "∀E" by blast
5901
5902  AOT_have act_ord_b: 𝒜[O!]b
5903    using b_ord "≡E"(1) "oa-facts:7" by blast
5904  AOT_have delta_ord_b: Δ[O!]b
5905    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false "oa-facts:1" "vdash-properties:10")
5906  AOT_have not_act_ord_a: ¬𝒜[O!]a
5907    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
5908  AOT_have not_delta_ord_a: ¬Δ[O!]a
5909    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "reductio-aa:1" "vdash-properties:10")
5910
5911  AOT_have not_act_abs_b: ¬𝒜[A!]b
5912    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
5913  AOT_have not_delta_abs_b: ¬Δ[A!]b
5914  proof(rule "raa-cor:2")
5915    AOT_assume Δ[A!]b
5916    AOT_hence [A!]b
5917      by (metis Delta_pos "vdash-properties:10")
5918    AOT_thus [A!]b & ¬[A!]b
5919      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2" "oa-facts:4" "vdash-properties:10")
5920  qed
5921  AOT_have act_abs_a: 𝒜[A!]a
5922    using a_prop "≡E"(1) "oa-facts:8" by blast
5923  AOT_have delta_abs_a: Δ[A!]a
5924      by (metis "≡dfI" a_prop "oa-facts:2" "vdash-properties:10" "∨I"(1) necessary_or_contingently_false)
5925
5926  AOT_have not_act_concrete_b: ¬𝒜[E!]b
5927    using b_prop "&E"(2) by blast
5928  AOT_have delta_concrete_b: Δ[E!]b
5929  proof (rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5930    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
5931  next
5932    AOT_show [E!]b using b_prop "&E"(1) by blast
5933  qed
5934  AOT_have not_act_concrete_a: ¬𝒜[E!]a
5935  proof (rule "raa-cor:2")
5936    AOT_assume 𝒜[E!]a
5937    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "vdash-properties:10")
5938    AOT_have [A!]a by (simp add: a_prop)
5939    AOT_hence x ¬[E!]x]a
5940      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5941    AOT_hence ¬[E!]a using "β→C"(1) by blast
5942    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5943  qed
5944  AOT_have not_delta_concrete_a: ¬Δ[E!]a
5945  proof (rule "raa-cor:2")
5946    AOT_assume Δ[E!]a
5947    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
5948    AOT_have [A!]a by (simp add: a_prop)
5949    AOT_hence x ¬[E!]x]a
5950      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5951    AOT_hence ¬[E!]a using "β→C"(1) by blast
5952    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5953  qed
5954
5955  AOT_have not_act_q_zero: ¬𝒜q0
5956    by (meson "log-prop-prop:2" "pos-not-pna:1" q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
5957  AOT_have delta_q_zero: Δq0
5958  proof(rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5959    AOT_show ¬𝒜q0 using not_act_q_zero.
5960    AOT_show q0 by (meson "&E"(1) q0_prop)
5961  qed
5962  AOT_have act_not_q_zero: 𝒜¬q0 using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
5963  AOT_have not_delta_not_q_zero: ¬Δ¬q0
5964      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
5965
5966  AOT_have [L-] by (simp add: "rel-neg-T:3")
5967  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
5968  proof (safe intro!: "&I")
5969    AOT_show ¬𝒜[L-]b by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5970    AOT_show ¬Δ[L-]b by (meson Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg)
5971    AOT_show ¬𝒜[L-]a by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5972    AOT_show ¬Δ[L-]a using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg by blast
5973  qed
5974  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
5975    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5976  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
5977    using "&E" by blast+
5978  note props = this
5979
5980  let  = "«y [A!]y & q0]»"
5981  AOT_modally_strict {
5982    AOT_have [«»] by "cqt:2[lambda]"
5983  } note 1 = this
5984  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
5985  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
5986    AOT_show ¬𝒜([A!]b & q0)
5987      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5988  next AOT_show ¬Δ([A!]b & q0)
5989      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b "oa-facts:4" "oa-facts:8" "raa-cor:3" "vdash-properties:10")
5990  next AOT_show ¬𝒜([A!]a & q0)
5991      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero "raa-cor:3" by blast
5992  next AOT_show Δ([A!]a & q0)
5993    proof (rule not_act_and_pos_delta)
5994      AOT_show ¬𝒜([A!]a & q0)
5995        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero "raa-cor:3" by blast
5996    next AOT_show ([A!]a & q0)
5997        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a "≡E"(1) "oa-facts:6" q0_prop)
5998    qed
5999  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6000  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
6001    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6002  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
6003    using "&E" by blast+
6004  note props = props this
6005
6006  let  = "«y [A!]y & ¬q0]»"
6007  AOT_modally_strict {
6008    AOT_have [«»] by "cqt:2[lambda]"
6009  } note 1 = this
6010  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6011  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
6012    AOT_show ¬𝒜([A!]b & ¬q0)
6013      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
6014  next AOT_show ¬Δ([A!]b & ¬q0)
6015      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
6016  next AOT_show 𝒜([A!]a & ¬q0)
6017      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
6018  next AOT_show ¬Δ([A!]a & ¬q0)
6019    proof (rule act_and_not_nec_not_delta)
6020      AOT_show 𝒜([A!]a & ¬q0)
6021        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
6022    next
6023      AOT_show ¬([A!]a & ¬q0)
6024        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4) q0_prop "raa-cor:3")
6025    qed
6026  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6027  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
6028    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6029  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
6030    using "&E" by blast+
6031  note props = props this
6032
6033  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
6034    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b by presburger
6035  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
6036    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
6037  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
6038    using "&E" by blast+
6039  note props = props this
6040
6041  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
6042    by (meson "&I" delta_concrete_b not_act_concrete_a not_act_concrete_b not_delta_concrete_a)
6043  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
6044    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6045  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
6046    using "&E" by blast+
6047  note props = props this
6048
6049  AOT_modally_strict {
6050    AOT_have y q0] by "cqt:2[lambda]"
6051  } note 1 = this
6052  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
6053    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
6054       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
6055  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
6056    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6057  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
6058    using "&E" by blast+
6059  note props = props this
6060
6061  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
6062  AOT_modally_strict {
6063    AOT_have [«»] by "cqt:2[lambda]"
6064  } note 1 = this
6065  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6066  proof(safe intro!: "&I"; AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
6067    AOT_have 𝒜¬([A!]b & ¬q0)
6068      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
6069                "≡E"(1) "raa-cor:3")
6070    moreover AOT_have ¬𝒜[E!]b
6071      using b_prop "&E"(2) by blast
6072    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
6073      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
6074    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
6075      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
6076         (auto simp: "oth-class-taut:5:d" 2)
6077    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
6078      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
6079  next
6080    AOT_show Δ([E!]b  ([A!]b & ¬q0))
6081    proof (rule not_act_and_pos_delta)
6082      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
6083        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b not_act_concrete_b "raa-cor:3")
6084    next
6085      AOT_show ([E!]b  ([A!]b & ¬q0))
6086        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6087    qed
6088  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6089      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6090  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
6091    proof (rule act_and_not_nec_not_delta)
6092      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6093        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6094    next
6095      AOT_have ¬[E!]a
6096        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2) necessary_or_contingently_false not_act_concrete_a not_delta_concrete_a "raa-cor:3")
6097      moreover AOT_have ¬([A!]a & ¬q0)
6098        by (metis "KBasic2:1" "KBasic:11" "KBasic:3" "&E"(1) "&E"(2) "≡E"(1) q0_prop "raa-cor:3")
6099      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0)) by (metis "KBasic:16" "&I" "vdash-properties:10")
6100      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
6101        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
6102      AOT_thus ¬([E!]a  ([A!]a & ¬q0)) by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
6103    qed
6104  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6105  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
6106    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6107  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
6108    using "&E" by blast+
6109  note props = props this
6110
6111  let  = "«y [A!]y  [E!]y]»"
6112  AOT_modally_strict {
6113    AOT_have [«»] by "cqt:2[lambda]"
6114  } note 1 = this
6115  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
6116  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
6117    AOT_show ¬𝒜([A!]b  [E!]b)
6118      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6119  next AOT_show Δ([A!]b  [E!]b)
6120    proof (rule not_act_and_pos_delta)
6121      AOT_show ¬𝒜([A!]b  [E!]b)
6122        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6123    next AOT_show ([A!]b  [E!]b)
6124        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
6125    qed
6126  next AOT_show 𝒜([A!]a  [E!]a)
6127      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
6128  next AOT_show Δ([A!]a  [E!]a)
6129    proof (rule nec_delta)
6130      AOT_show ([A!]a  [E!]a)
6131        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "vdash-properties:10")
6132    qed
6133  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6134  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
6135    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6136  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
6137    using "&E" by blast+
6138  note props = props this
6139
6140  let  = "«y [O!]y & ¬[E!]y]»"
6141  AOT_modally_strict {
6142    AOT_have [«»] by "cqt:2[lambda]"
6143  } note 1 = this
6144  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
6145  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
6146    AOT_show 𝒜([O!]b & ¬[E!]b)
6147      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:3")
6148  next AOT_show ¬Δ([O!]b & ¬[E!]b)
6149      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1" act_and_not_nec_not_delta "act-conj-act:3"
6150                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2) "df-rules-formulas[3]"
6151                "≡E"(3) "raa-cor:1" "→E")
6152  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
6153      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
6154  next AOT_have ¬([O!]a & ¬[E!]a)
6155      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "raa-cor:3" "vdash-properties:10")
6156    AOT_thus ¬Δ([O!]a & ¬[E!]a)
6157      by (rule impossible_delta)
6158  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6159  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
6160    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6161  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
6162    using "&E" by blast+
6163  note props = props this
6164
6165  (* TODO_PLM: binary property 9 wrong in PLM *)
6166  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
6167  AOT_modally_strict {
6168    AOT_have [«»] by "cqt:2[lambda]"
6169  } note 1 = this
6170  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6171  proof(safe intro!: "&I"; AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
6172    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6173      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6174                "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6175  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
6176    proof (rule act_and_pos_not_not_delta)
6177      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6178        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6179                  "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6180    next
6181      AOT_show ¬(¬[E!]b & ([O!]b  q0))
6182      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
6183        AOT_modally_strict {
6184          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
6185            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2) "∨E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
6186        }
6187      next
6188        AOT_show ([E!]b  ¬([O!]b  q0))
6189          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6190       qed
6191     qed
6192   next
6193     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6194       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
6195   next
6196     AOT_show Δ(¬[E!]a & ([O!]a  q0))
6197     proof (rule not_act_and_pos_delta)
6198       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6199         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2")
6200     next
6201       AOT_have ¬[E!]a
6202         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "raa-cor:5" by blast
6203       moreover AOT_have ([O!]a  q0)
6204         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
6205       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
6206         by (metis "KBasic:16" "&I" "vdash-properties:10")
6207     qed
6208   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
6209  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
6210    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6211  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
6212    using "&E" by blast+
6213  note props = props this
6214
6215  AOT_modally_strict {
6216    AOT_have y ¬q0] by "cqt:2[lambda]"
6217  } note 1 = this
6218  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
6219    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
6220       (auto simp: act_not_q_zero not_delta_not_q_zero "beta-C-meta"[THEN "→E", OF 1])
6221  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
6222    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6223  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
6224    using "&E" by blast+
6225  note props = props this
6226
6227  AOT_modally_strict {
6228    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
6229  } note 1 = this
6230  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b & 𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
6231  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
6232    AOT_show 𝒜¬[E!]b
6233      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
6234  next AOT_show ¬Δ¬[E!]b
6235      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
6236  next AOT_show 𝒜¬[E!]a
6237      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
6238  next AOT_show Δ¬[E!]a
6239      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "reductio-aa:1" by blast
6240  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6241  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
6242    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6243  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
6244    using "&E" by blast+
6245  note props = props this
6246
6247  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
6248    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
6249  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
6250    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6251  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
6252    using "&E" by blast+
6253  note props = props this
6254
6255  let  = "«y [O!]y  q0]»"
6256  AOT_modally_strict {
6257    AOT_have [«»] by "cqt:2[lambda]"
6258  } note 1 = this
6259  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6260  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
6261    AOT_show 𝒜([O!]b  q0)
6262      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
6263  next AOT_show Δ([O!]b  q0)
6264      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6265  next AOT_show ¬𝒜([O!]a  q0)
6266      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6267  next AOT_show Δ([O!]a  q0)
6268    proof (rule not_act_and_pos_delta)
6269      AOT_show ¬𝒜([O!]a  q0)
6270        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6271    next AOT_show ([O!]a  q0)
6272        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
6273    qed
6274  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6275  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
6276    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6277  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
6278    using "&E" by blast+
6279  note props = props this
6280
6281  let  = "«y [O!]y  ¬q0]»"
6282  AOT_modally_strict {
6283     AOT_have [«»] by "cqt:2[lambda]"
6284  } note 1 = this
6285  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6286  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
6287    AOT_show 𝒜([O!]b  ¬q0)
6288      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6289  next AOT_show Δ([O!]b  ¬q0)
6290      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6291  next AOT_show 𝒜([O!]a  ¬q0)
6292      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6293  next AOT_show ¬Δ([O!]a  ¬q0)
6294    proof(rule act_and_pos_not_not_delta)
6295      AOT_show 𝒜([O!]a  ¬q0)
6296        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6297    next
6298      AOT_have ¬[O!]a
6299        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
6300      moreover AOT_have q0
6301        by (meson "&E"(1) q0_prop)
6302      ultimately AOT_have 2: (¬[O!]a & q0)
6303         by (metis "KBasic:16" "&I" "vdash-properties:10")
6304      AOT_show ¬([O!]a  ¬q0)
6305      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
6306        AOT_modally_strict {
6307          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
6308            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
6309                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
6310        }
6311      next
6312        AOT_show (¬[O!]a & q0)
6313          using "2" by blast
6314      qed
6315    qed
6316  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6317  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
6318    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6319  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
6320    using "&E" by blast+
6321  note props = props this
6322
6323  AOT_have [L]
6324    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6325  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
6326  proof (safe intro!: "&I")
6327    AOT_show 𝒜[L]b
6328      by (meson nec_L "nec-imp-act" "vdash-properties:10")
6329    next AOT_show Δ[L]b using nec_L nec_delta by blast
6330    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "vdash-properties:10")
6331    next AOT_show Δ[L]a using nec_L nec_delta by blast
6332  qed
6333  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
6334    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6335  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
6336    using "&E" by blast+
6337  note props = props this
6338
6339  show ?thesis
6340    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1]; rule "∃I"(2)[where β=F2];
6341           rule "∃I"(2)[where β=F3]; rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
6342           rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7]; rule "∃I"(2)[where β=F8];
6343           rule "∃I"(2)[where β=F9]; rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
6344           rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13]; rule "∃I"(2)[where β=F14];
6345           rule "∃I"(2)[where β=F15]; safe intro!: "&I")
6346       (match conclusion in "[?v  [F]  [G]]" for F G  6347        match props in A: "[?v  ¬φ{F}]" for φ 6348        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 6349        match props in B: "[?v  φ{G}]" 6350        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
6351                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
6352                                OF "Disjunction Addition"(2)[THEN "→E"],
6353                                OF "&I", OF A, OF B]››››)+
6354qed
6355
6356AOT_theorem "o-objects-exist:1": x O!x
6357proof(rule RN)
6358  AOT_modally_strict {
6359    AOT_obtain a where (E!a & ¬𝒜[E!]a)
6360      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]] by blast
6361    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
6362    AOT_have x [E!]x]a
6363    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6364      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
6365    next
6366      AOT_show E!a by (fact 1)
6367    qed
6368    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6369    AOT_thus x [O!]x by (rule "∃I")
6370  }
6371qed
6372
6373AOT_theorem "o-objects-exist:2": x A!x
6374proof (rule RN)
6375  AOT_modally_strict {
6376    AOT_obtain a where [A!]a
6377      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6378    AOT_thus x A!x using "∃I" by blast
6379  }
6380qed
6381
6382AOT_theorem "o-objects-exist:3": ¬x O!x
6383  by (rule RN) (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2" "qml:2"[axiom_inst] "reductio-aa:2")
6384
6385AOT_theorem "o-objects-exist:4": ¬x A!x
6386  by (rule RN) (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2" "qml:2"[axiom_inst] "→E")
6387
6388AOT_theorem "o-objects-exist:5": ¬x E!x
6389proof (rule RN; rule "raa-cor:2")
6390  AOT_modally_strict {
6391    AOT_assume x E!x
6392    moreover AOT_obtain a where abs: A!a
6393      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]] "∃E"[rotated] by blast
6394    ultimately AOT_have E!a using "∀E" by blast
6395    AOT_hence 1: E!a by (metis "T◇" "→E")
6396    AOT_have y E!y]a
6397    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6398      AOT_show a using "cqt:2[const_var]"[axiom_inst].
6399    next
6400      AOT_show E!a by (fact 1)
6401    qed
6402    AOT_hence O!a
6403      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6404    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
6405    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
6406  }
6407qed
6408
6409AOT_theorem partition: ¬x (O!x & A!x)
6410proof(rule "raa-cor:2")
6411  AOT_assume x (O!x & A!x)
6412  then AOT_obtain a where O!a & A!a using "∃E"[rotated] by blast
6413  AOT_thus p & ¬p for p by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1) "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
6414qed
6415
6416AOT_define eq_E :: ‹Π› ("'(=E')") "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
6417
6418syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
6419translations
6420  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
6421(* TODO: try to replace by a simple translations pattern *)
6422print_translation6423AOT_syntax_print_translations
6424[(const_syntax‹AOT_exe›, fn ctxt => fn [
6425  Const ("constAOT_PLM.eq_E", _),
6426  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6427] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
6428
6429text‹Note: Not explicitly mentioned as theorem in PLM.›
6430AOT_theorem "=E[denotes]": [(=E)]
6431  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
6432
6433AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
6434proof -
6435  (* TODO: rethink the product hacks *)
6436  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6437    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6438  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2[lambda]"
6439  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
6440    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(AOT_term_of_var x,AOT_term_of_var y)", OF 0]
6441    by fast
6442qed
6443
6444AOT_theorem "=E-simple:2": x =E y  x = y
6445proof (rule "→I")
6446  AOT_assume x =E y
6447  AOT_hence O!x & O!y & F ([F]x  [F]y) using "=E-simple:1"[THEN "≡E"(1)] by blast
6448  AOT_thus x = y
6449    using "≡dfI"[OF "identity:1"] "∨I" by blast
6450qed
6451
6452AOT_theorem "id-nec3:1": x =E y  (x =E y)
6453proof (rule "≡I"; rule "→I")
6454  AOT_assume x =E y
6455  AOT_hence O!x & O!y & F ([F]x  [F]y)
6456    using "=E-simple:1" "≡E" by blast
6457  AOT_hence O!x & O!y & F ([F]x  [F]y)
6458    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4) "oa-facts:1" "raa-cor:3" "vdash-properties:10")
6459  AOT_hence (O!x & O!y & F ([F]x  [F]y))
6460    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
6461  AOT_thus (x =E y)
6462    using "=E-simple:1"
6463    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
6464next
6465  AOT_assume (x =E y)
6466  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
6467qed
6468
6469AOT_theorem "id-nec3:2": (x =E y)  x =E y
6470  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1) "≡E"(5) "Commutativity of ≡")
6471
6472AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
6473  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
6474
6475syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
6476translations
6477  (Π) "(≠E)" == (Π) "(=E)-"
6478syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
6479translations
6480 "_AOT_non_eq_E_infix κ κ'" == "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
6481(* TODO: try replacing be a simple translations pattern *)
6482print_translation6483AOT_syntax_print_translations
6484[(const_syntax‹AOT_exe›, fn ctxt => fn [
6485  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
6486  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6487] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
6488AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
6489proof -
6490  (* TODO: rethink the product hacks *)
6491  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6492    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6493  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2[lambda]" (* TODO_PLM: convoluted proof in PLM; TODO: product hack *)
6494  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
6495    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
6496       (meson "oth-class-taut:3:a")
6497  also AOT_have   ¬(=E)xy
6498    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
6499     apply "cqt:2[lambda]"
6500    by (fact 0)
6501  finally show ?thesis.
6502qed
6503
6504AOT_theorem "id-nec4:1": x E y  (x E y)
6505proof -
6506  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
6507  also AOT_have   ¬(x =E y)
6508    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
6509  also AOT_have   ¬(x =E y)
6510    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
6511  also AOT_have   (x E y)
6512    by (AOT_subst (reverse) ¬(x =E y) x E y)
6513       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
6514  finally show ?thesis.
6515qed
6516
6517AOT_theorem "id-nec4:2": (x E y)  (x E y)
6518  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2) "≡E"(5) "Commutativity of ≡")
6519
6520AOT_theorem "id-nec4:3": (x E y)  (x E y)
6521  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
6522
6523AOT_theorem "id-act2:1": x =E y  𝒜x =E y
6524  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1) "≡E"(6))
6525AOT_theorem "id-act2:2": x E y  𝒜x E y
6526  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1) "≡E"(6))
6527
6528AOT_theorem "ord=Eequiv:1": O!x  x =E x
6529proof (rule "→I")
6530  AOT_assume 1: O!x
6531  AOT_show x =E x
6532    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
6533    apply (rule "β←C"(1))
6534      apply "cqt:2[lambda]"
6535     apply (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6536    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
6537qed
6538
6539AOT_theorem "ord=Eequiv:2": x =E y  y =E x
6540proof(rule CP)
6541  AOT_assume 1: x =E y
6542  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
6543  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
6544  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
6545  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
6546qed
6547
6548AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
6549proof (rule CP)
6550  AOT_assume 1: x =E y & y =E z
6551  AOT_hence x = y & y = z
6552    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
6553  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
6554  moreover AOT_have x =E x
6555    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1) "ord=Eequiv:1" "→E" by blast
6556  ultimately AOT_show x =E z
6557    using "rule=E" by fast
6558qed
6559
6560AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
6561proof(rule CP)
6562  AOT_assume O!x  O!y
6563  moreover {
6564    AOT_assume O!x
6565    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
6566    moreover {
6567      AOT_modally_strict {
6568        AOT_have O!x  (x = y  x =E y)
6569        proof (rule "→I"; rule "≡I"; rule "→I")
6570          AOT_assume O!x
6571          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
6572          moreover AOT_assume x = y
6573          ultimately AOT_show x =E y using "rule=E" by fast
6574        next
6575          AOT_assume x =E y
6576          AOT_thus x = y by (metis "=E-simple:2" "→E")
6577        qed
6578      }
6579      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
6580    }
6581    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6582  }
6583  moreover {
6584    AOT_assume O!y
6585    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
6586    moreover {
6587      AOT_modally_strict {
6588        AOT_have O!y  (x = y  x =E y)
6589        proof (rule "→I"; rule "≡I"; rule "→I")
6590          AOT_assume O!y
6591          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
6592          moreover AOT_assume x = y
6593          ultimately AOT_show x =E y using "rule=E" id_sym by fast
6594        next
6595          AOT_assume x =E y
6596          AOT_thus x = y by (metis "=E-simple:2" "→E")
6597        qed
6598      }
6599      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
6600    }
6601    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6602  }
6603  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
6604qed
6605
6606AOT_theorem "ord-=E=:2": O!y  x x = y]
6607proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
6608  AOT_show x x =E y] by "cqt:2[lambda]"
6609next
6610  AOT_assume O!y
6611  AOT_hence 1: (x = y  x =E y) for x using "ord-=E=:1" "→E" "∨I" by blast
6612  AOT_have (x =E y  x = y) for x
6613    by (AOT_subst x =E y  x = y x = y  x =E y)
6614       (auto simp add: "Commutativity of ≡" 1)
6615  AOT_hence x (x =E y  x = y) by (rule GEN)
6616  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
6617qed
6618
6619
6620AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
6621proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
6622  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
6623next
6624  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
6625  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
6626    AOT_modally_strict {
6627      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
6628        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
6629                  "modus-tollens:1" "raa-cor:1" that)
6630    }
6631  next
6632    AOT_modally_strict {
6633      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
6634        apply(safe intro!: "&I")
6635          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
6636         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
6637        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
6638              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]] by fast
6639    }
6640  qed
6641qed
6642
6643AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
6644proof(rule "→I")
6645  AOT_assume F ([F]x  [F]y)
6646  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
6647  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
6648    using "∀E" by blast
6649  moreover AOT_have x F ([F]x  [F]y)]y
6650    apply (rule "β←C"(1))
6651      apply "cqt:2[lambda]"
6652     apply (fact "cqt:2[const_var]"[axiom_inst])
6653    by (simp add: RN GEN "oth-class-taut:3:a")
6654  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
6655  AOT_thus F ([F]x  [F]y)
6656    using "β→C"(1) by blast
6657qed
6658
6659AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
6660proof (rule "→I"; rule "→I")
6661  AOT_assume F ([F]x  [F]y)
6662  AOT_hence F ([F]x  [F]y)
6663    using "ind-nec"[THEN "→E"] by blast
6664  moreover AOT_assume O!x & O!y
6665  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
6666    using "&I" by blast
6667  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
6668qed
6669
6670AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
6671proof (rule "→I"; rule "→I")
6672  AOT_assume O!x & O!y
6673  moreover AOT_assume F ([F]x  [F]y)
6674  ultimately AOT_have x =E y
6675    using "ord=E:1" "→E" by blast
6676  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
6677qed
6678
6679AOT_theorem "ord=E2:1": (O!x & O!y)  (x  y  z z =E x]  z z =E y])
6680proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6681  AOT_assume 0: O!x & O!y
6682  AOT_assume x  y
6683  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6684  AOT_assume z z =E x] = z z =E y]
6685  moreover AOT_have z z =E x]x
6686    apply (rule "β←C"(1))
6687      apply "cqt:2[lambda]"
6688     apply (fact "cqt:2[const_var]"[axiom_inst])
6689    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
6690  ultimately AOT_have z z =E y]x using "rule=E" by fast
6691  AOT_hence x =E y using "β→C"(1) by blast
6692  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
6693  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6694next
6695  AOT_assume z z =E x]  z z =E y]
6696  AOT_hence 0: ¬(z z =E x] = z z =E y]) using "≡dfE"[OF "=-infix"] by blast
6697  AOT_have z z =E x] by "cqt:2[lambda]"
6698  AOT_hence z z =E x] = z z =E x]
6699    by (metis "rule=I:1")
6700  moreover AOT_assume x = y
6701  ultimately AOT_have z z =E x] = z z =E y]
6702    using "rule=E" by fast
6703  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
6704    using 0 "&I" by blast
6705qed
6706
6707AOT_theorem "ord=E2:2": (O!x & O!y)  (x  y  z z = x]  z z = y])
6708proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6709  AOT_assume 0: O!x & O!y
6710  AOT_assume x  y
6711  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6712  AOT_assume z z = x] = z z = y]
6713  moreover AOT_have z z = x]x
6714    apply (rule "β←C"(1))
6715    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6716     apply (fact "cqt:2[const_var]"[axiom_inst])
6717    by (simp add: "id-eq:1")
6718  ultimately AOT_have z z = y]x using "rule=E" by fast
6719  AOT_hence x = y using "β→C"(1) by blast
6720  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6721next
6722  AOT_assume 0: O!x & O!y
6723  AOT_assume z z = x]  z z = y]
6724  AOT_hence 1: ¬(z z = x] = z z = y]) using "≡dfE"[OF "=-infix"] by blast
6725  AOT_have z z = x] by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6726  AOT_hence z z = x] = z z = x]
6727    by (metis "rule=I:1")
6728  moreover AOT_assume x = y
6729  ultimately AOT_have z z = x] = z z = y]
6730    using "rule=E" by fast
6731  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
6732    using 1 "&I" by blast
6733qed
6734
6735AOT_theorem ordnecfail: O!x  ¬F x[F]
6736  by (meson "RM:1" "deduction-theorem" nocoder "oa-facts:1" "vdash-properties:10" "vdash-properties:1[2]")
6737
6738AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
6739proof (rule "→I"; rule "→I")
6740  AOT_assume 1: A!x & A!y
6741  AOT_assume F (x[F]  y[F])
6742  AOT_hence x[F]  y[F] for F using "∀E" by blast
6743  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
6744  AOT_hence F (x[F]  y[F]) by (rule GEN)
6745  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
6746  AOT_thus x = y
6747    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
6748qed
6749
6750AOT_theorem "ab-obey:2": (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
6751proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6752  AOT_assume 1: x = y
6753  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
6754  moreover {
6755    AOT_assume F (x[F] & ¬y[F])
6756    then AOT_obtain F where x[F] & ¬y[F] using "∃E"[rotated] by blast
6757    moreover AOT_have y[F] using calculation[THEN "&E"(1)] 1 "rule=E" by fast
6758    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
6759  }
6760  moreover {
6761    AOT_assume F (y[F] & ¬x[F])
6762    then AOT_obtain F where y[F] & ¬x[F] using "∃E"[rotated] by blast
6763    moreover AOT_have ¬y[F] using calculation[THEN "&E"(2)] 1 "rule=E" by fast
6764    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
6765  }
6766  ultimately AOT_show p & ¬p for p by (metis "∨E"(3) "raa-cor:1")
6767qed
6768
6769AOT_theorem "encoders-are-abstract": F x[F]  A!x
6770  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
6771            "oa-contingent:3" "vdash-properties:1[2]")
6772
6773AOT_theorem "denote=:1": Hx x[H]
6774  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6775
6776AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
6777  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6778
6779AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
6780  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6781
6782AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
6783  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6784
6785AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
6786  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6787
6788AOT_theorem "denote=:3": x x[Π]  H (H = Π)
6789  using "existence:2[1]" "free-thms:1" "≡E"(2) "≡E"(5) "Commutativity of ≡" "≡Df" by blast
6790
6791AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
6792  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
6793
6794AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
6795  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
6796
6797AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
6798  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
6799
6800AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
6801  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
6802
6803AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
6804proof (rule "uniqueness:1"[THEN "≡dfI"])
6805  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
6806    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
6807  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
6808  proof (rule "→I")
6809    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
6810    AOT_hence β[F]  φ{F} for F using "∀E" "&E" by blast
6811    AOT_hence β[F]  a[F] for F
6812      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2) "≡E"(5) "Commutativity of ≡" by fast
6813    AOT_hence F (β[F]  a[F]) by (rule GEN)
6814    AOT_thus β = a
6815      using "ab-obey:1"[THEN "→E", OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]], THEN "→E"] by blast
6816  qed
6817  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
6818  AOT_thus α ([A!]α & F (α[F]  φ{F}) & β ([A!]β & F (β[F]  φ{F})  β = α))
6819    using "∃I" using a_prop "&I" by fast
6820qed
6821
6822AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
6823  using "A-objects!" by fast
6824
6825AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
6826  using "A-objects!" by fast
6827
6828AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
6829  using "A-objects!" by fast
6830
6831AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
6832  using "A-objects!" by fast
6833
6834AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
6835  using "A-objects!" by fast
6836
6837AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
6838  using "A-objects!" by fast
6839
6840AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
6841  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
6842
6843AOT_act_theorem "thm-can-terms2": y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6844  using "y-in:2" by blast
6845
6846AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
6847proof(rule "→I")
6848  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6849  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
6850    using "actual-desc:2"[THEN "→E"] by blast
6851  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
6852  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
6853qed
6854
6855AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6856proof -
6857  AOT_have ιx(A!x & F (x[F]  φ{F}))
6858    by (simp add: "A-descriptions")
6859  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6860    using "y-in:3"[THEN "→E"] by blast
6861  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6862    using "&E" "∀E" by blast
6863qed
6864
6865AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6866  using "desc-encode:1".
6867
6868AOT_theorem "desc-nec-encode:1": ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6869proof -
6870  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
6871    by (simp add: "A-descriptions")
6872  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
6873    using "actual-desc:4"[THEN "→E"] by blast
6874  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6875    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
6876  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6877    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
6878  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6879    using "∀E" by blast
6880  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6881    using "Act-Basic:5" "≡E"(1) by blast
6882  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6883    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
6884qed
6885
6886AOT_theorem "desc-nec-encode:2": ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6887  using "desc-nec-encode:1".
6888
6889AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
6890  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
6891     (meson "nec-imp-act" "vdash-properties:10")
6892
6893AOT_theorem "Box-desc-encode:2": φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6894proof(rule CP)
6895  AOT_assume φ{G}
6896  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
6897  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6898  proof (rule RM; rule "→I")
6899    AOT_modally_strict {
6900      AOT_assume 1: φ{G}
6901      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G] using "Box-desc-encode:1" "→E" by blast
6902      moreover AOT_have φ{G} using 1 by (meson "qml:2" "vdash-properties:10" "vdash-properties:1[2]")
6903      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
6904        using "deduction-theorem" "≡I" by simp
6905    }
6906  qed
6907  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}) using "→E" by blast
6908qed
6909
6910definition rigid_condition where rigid_condition φ  v . [v  α (φ{α}  φ{α})]
6911syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
6912
6913AOT_theorem "strict-can:1[E]": assumes RIGID_CONDITION(φ)
6914  shows α (φ{α}  φ{α})
6915  using assms[unfolded rigid_condition_def] by auto
6916
6917AOT_theorem "strict-can:1[I]":
6918  assumes  α (φ{α}  φ{α})
6919  shows RIGID_CONDITION(φ)
6920  using assms rigid_condition_def by auto
6921
6922AOT_theorem "box-phi-a:1": assumes RIGID_CONDITION(φ)
6923  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
6924proof (rule "→I")
6925  AOT_assume a: A!x & F (x[F]  φ{F})
6926  AOT_hence b: A!x by (metis "Conjunction Simplification"(1) "oa-facts:2" "vdash-properties:10")
6927  AOT_have x[F]  φ{F} for F using a[THEN "&E"(2)] "∀E" by blast
6928  moreover AOT_have (x[F]  x[F]) for F by (meson "pre-en-eq:1[1]" RN)
6929  moreover AOT_have (φ{F}  φ{F}) for F using RN "strict-can:1[E]"[OF assms] "∀E" by blast
6930  ultimately AOT_have (x[F]  φ{F}) for F
6931    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
6932  AOT_hence F (x[F]  φ{F}) by (rule GEN)
6933  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
6934  AOT_thus ([A!]x & F (x[F]  φ{F}))
6935    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
6936qed
6937
6938AOT_theorem "box-phi-a:2": assumes RIGID_CONDITION(φ)
6939  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6940proof(rule "→I")
6941  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6942  AOT_hence 𝒜(A!y & F (y[F]  φ{F})) using "actual-desc:2"[THEN "→E"] by fast
6943  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
6944    using "Act-Basic:2" "&E" "≡E"(1) by blast+
6945  AOT_hence F 𝒜(y[F]  φ{F}) by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
6946  AOT_hence 𝒜(y[F]  φ{F}) for F using "∀E" by blast
6947  AOT_hence 𝒜y[F]  𝒜φ{F} for F by (metis "Act-Basic:5" "≡E"(1)) 
6948  AOT_hence y[F]  φ{F} for F
6949    using "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6950    by (metis "en-eq:10[1]" "≡E"(6))
6951  AOT_hence F (y[F]  φ{F}) by (rule GEN)
6952  AOT_thus [A!]y & F (y[F]  φ{F}) using abs "&I" "≡E"(2) "oa-facts:8" by blast
6953qed
6954
6955AOT_theorem "box-phi-a:3": assumes RIGID_CONDITION(φ)
6956  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6957  using "desc-nec-encode:2"
6958    "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6959    "≡E"(5) by blast
6960
6961AOT_define Null :: ‹τ  φ› ("Null'(_')") 
6962  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
6963
6964AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
6965  "df-null-uni:2": Universal(x) df A!x & F x[F]
6966
6967AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
6968proof (rule "uniqueness:1"[THEN "≡dfI"])
6969  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
6970    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6971  AOT_have a_null: ¬a[F] for F
6972  proof (rule "raa-cor:2")
6973    AOT_assume a[F]
6974    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
6975    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
6976    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
6977  qed
6978  AOT_have Null(a) & β (Null(β)  β = a)
6979  proof (rule "&I")
6980    AOT_have ¬F a[F] using a_null by (metis "instantiation" "reductio-aa:1")
6981    AOT_thus Null(a)
6982      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
6983  next
6984    AOT_show β (Null(β)  β = a)
6985    proof (rule GEN; rule "→I")
6986      fix β
6987      AOT_assume a: Null(β)
6988      AOT_hence ¬F β[F]
6989        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6990      AOT_hence β_null: ¬β[F] for F by (metis "existential:2[const_var]" "reductio-aa:1")
6991      AOT_have F (β[F]  a[F])
6992        apply (rule GEN; rule "≡I"; rule CP)
6993        using "raa-cor:3" β_null a_null by blast+
6994      moreover AOT_have A!β using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6995      ultimately AOT_show β = a
6996        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" by blast
6997    qed
6998  qed
6999  AOT_thus α (Null(α) & β (Null(β)  β = α)) using "∃I"(2) by fast
7000qed
7001
7002AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
7003proof (rule "uniqueness:1"[THEN "≡dfI"])
7004  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
7005    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7006  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
7007  AOT_hence Universal(a)
7008    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
7009  moreover AOT_have β (Universal(β)  β = a)
7010  proof (rule GEN; rule "→I")
7011    fix β
7012    AOT_assume Universal(β)
7013    AOT_hence abs_β: A!β and β[F] for F using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
7014    AOT_hence β[F]  a[F] for F using aF by (metis "deduction-theorem" "≡I")
7015    AOT_hence F (β[F]  a[F]) by (rule GEN)
7016    AOT_thus β = a
7017      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" abs_β by blast
7018  qed
7019  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
7020    using "&I" "∃I" by fast
7021qed
7022
7023AOT_theorem "null-uni-uniq:3": ιx Null(x)
7024  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
7025
7026AOT_theorem "null-uni-uniq:4": ιx Universal(x)
7027  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
7028
7029AOT_define Null_object :: ‹κs (a)
7030  "df-null-uni-terms:1": a =df ιx Null(x)
7031
7032AOT_define Universal_object :: ‹κs (aV)
7033  "df-null-uni-terms:2": aV =df ιx Universal(x)
7034
7035AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
7036proof (rule "→I")
7037  AOT_assume Null(x)
7038  AOT_hence x_abs: A!x and x_null: ¬F x[F]
7039    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
7040  AOT_have ¬x[F] for F using x_null
7041    using "existential:2[const_var]" "reductio-aa:1"
7042    by metis
7043  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
7044  AOT_hence F ¬x[F] by (rule GEN)
7045  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
7046  moreover AOT_have F ¬x[F]  ¬F x[F]
7047    apply (rule RM)
7048    by (metis (full_types) "instantiation" "cqt:2[const_var]" "deduction-theorem"
7049                           "reductio-aa:1" "rule-ui:1" "vdash-properties:1[2]")
7050  ultimately AOT_have ¬F x[F]
7051    by (metis "→E")
7052  moreover AOT_have A!x using x_abs
7053    using "oa-facts:2" "vdash-properties:10" by blast
7054  ultimately AOT_have r: (A!x & ¬F x[F])
7055    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
7056  AOT_show Null(x)
7057    by (AOT_subst Null(x) A!x & ¬F x[F])
7058       (auto simp: "df-null-uni:1" "≡Df" r)
7059qed  
7060
7061AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
7062proof (rule "→I")
7063  AOT_assume Universal(x)
7064  AOT_hence x_abs: A!x and x_univ: F x[F]
7065    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
7066  AOT_have x[F] for F using x_univ "∀E" by blast
7067  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
7068  AOT_hence F x[F] by (rule GEN)
7069  AOT_hence F x[F] by (rule BF[THEN "→E"])
7070  moreover AOT_have A!x using x_abs
7071    using "oa-facts:2" "vdash-properties:10" by blast
7072  ultimately AOT_have r: (A!x & F x[F])
7073    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
7074  AOT_show Universal(x)
7075    by (AOT_subst Universal(x) A!x & F x[F])
7076       (auto simp add: "df-null-uni:2" "≡Df" r)
7077qed
7078
7079AOT_theorem "null-uni-facts:3": Null(a)
7080  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
7081   apply (simp add: "null-uni-uniq:3")
7082  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
7083    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"], THEN "≡E"(1)]
7084  by blast
7085
7086AOT_theorem "null-uni-facts:4": Universal(aV)
7087  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
7088   apply (simp add: "null-uni-uniq:4")
7089  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
7090    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"], THEN "≡E"(1)]
7091  by blast
7092
7093AOT_theorem "null-uni-facts:5": a  aV
7094proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
7095    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
7096    rule "≡dfI"[OF "=-infix"];
7097    rule "raa-cor:2")
7098  AOT_obtain x where nullx: Null(x)
7099    by (metis "instantiation" "df-null-uni-terms:1" "existential:1" "null-uni-facts:3"
7100              "null-uni-uniq:3" "rule-id-df:2:b[zero]")
7101  AOT_hence act_null: 𝒜Null(x) by (metis "nec-imp-act" "null-uni-facts:1" "vdash-properties:10")
7102  AOT_assume ιx Null(x) = ιx Universal(x)
7103  AOT_hence 𝒜x(Null(x)  Universal(x))
7104    using "actual-desc:5"[THEN "→E"] by blast
7105  AOT_hence x 𝒜(Null(x)  Universal(x))
7106    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
7107  AOT_hence 𝒜Null(x)  𝒜Universal(x)
7108    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
7109  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
7110  AOT_hence Universal(x) by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "vdash-properties:10")
7111  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
7112  moreover AOT_have ¬F x[F] using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
7113  ultimately AOT_show p & ¬p for p by (metis "cqt-further:1" "raa-cor:3" "vdash-properties:10")
7114qed
7115
7116AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
7117proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7118  AOT_show ιx([A!]x & F (x[F]  F  F))
7119    by (simp add: "A-descriptions")
7120next
7121  AOT_show a
7122    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7123       (simp add: "null-uni-uniq:3")
7124next
7125  AOT_have ιx([A!]x & F (x[F]  F  F))
7126    by (simp add: "A-descriptions")
7127  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
7128    using "rule=I:1" by blast
7129  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
7130    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"]; rule "&I")
7131    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:a[zero]" "vdash-properties:10")
7132    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7133next
7134  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
7135  proof (rule GEN)
7136    fix F
7137    AOT_have ¬a[F]
7138      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7139         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3)
7140                "df-null-uni:1" "df-null-uni-terms:1" "existential:2[const_var]" "null-uni-facts:3"
7141                "raa-cor:2" "rule-id-df:2:a[zero]" "russell-axiom[enc,1].ψ_denotes_asm")
7142    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
7143    proof(rule "raa-cor:2")
7144      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
7145      AOT_hence 𝒜(F  F) using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
7146      moreover AOT_have ¬𝒜(F  F)
7147        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2) "=-infix" "raa-cor:3" by blast
7148      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
7149    qed
7150    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
7151      using "deduction-theorem" "≡I" "raa-cor:4" by blast
7152  qed
7153qed
7154
7155AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
7156proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7157  AOT_show ιx([A!]x & F (x[F]  F = F))
7158    by (simp add: "A-descriptions")
7159next
7160  AOT_show aV
7161    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7162       (simp add: "null-uni-uniq:4")
7163next
7164  AOT_have ιx([A!]x & F (x[F]  F = F))
7165    by (simp add: "A-descriptions")
7166  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
7167    using "rule=I:1" by blast
7168  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
7169    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"]; rule "&I")
7170    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "vdash-properties:10")
7171    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7172next
7173  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
7174  proof (rule GEN)
7175    fix F
7176    AOT_have aV[F]
7177      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7178      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "rule-ui:3" by blast
7179    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
7180      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
7181    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
7182      using "deduction-theorem" "≡I" by simp
7183  qed
7184qed
7185
7186AOT_theorem "aclassical:1": Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
7187proof(rule GEN)
7188  fix R
7189  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
7190    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7191  AOT_have a_enc: az [R]za]
7192  proof (rule "raa-cor:1")
7193    AOT_assume 0: ¬az [R]za]
7194    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7195      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
7196                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7197         "cqt:2[lambda]"
7198    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7199      using "cqt-further:4" "vdash-properties:10" by blast
7200    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za]) using "∀E" by blast
7201    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
7202      by (metis "&I" "deduction-theorem" "raa-cor:3")
7203    moreover AOT_have z [R]za] = z [R]za]
7204      by (rule "=I") "cqt:2[lambda]"
7205    ultimately AOT_have az [R]za] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7206    AOT_thus az [R]za] & ¬az [R]za]
7207      using 0 "&I" by blast
7208  qed
7209  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7210    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7211  then AOT_obtain b where b_prop: A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
7212    using "∃E"[rotated] by blast
7213  AOT_have a  b
7214    apply (rule "≡dfI"[OF "=-infix"])
7215    using a_enc b_prop[THEN "&E"(2)]
7216    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7217  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
7218    using b_prop "&E" a_prop "&I" by meson
7219  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
7220  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
7221qed
7222
7223AOT_theorem "aclassical:2": Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
7224proof(rule GEN)
7225  fix R
7226  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
7227    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7228  AOT_have a_enc: az [R]az]
7229  proof (rule "raa-cor:1")
7230    AOT_assume 0: ¬az [R]az]
7231    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7232      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
7233                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7234         "cqt:2[lambda]"
7235    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7236      using "cqt-further:4" "vdash-properties:10" by blast
7237    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az]) using "∀E" by blast
7238    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
7239      by (metis "&I" "deduction-theorem" "raa-cor:3")
7240    moreover AOT_have z [R]az] = z [R]az]
7241      by (rule "=I") "cqt:2[lambda]"
7242    ultimately AOT_have az [R]az] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7243    AOT_thus az [R]az] & ¬az [R]az]
7244      using 0 "&I" by blast
7245  qed
7246  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7247    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7248  then AOT_obtain b where b_prop: A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
7249    using "∃E"[rotated] by blast
7250  AOT_have a  b
7251    apply (rule "≡dfI"[OF "=-infix"])
7252    using a_enc b_prop[THEN "&E"(2)]
7253    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7254  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
7255    using b_prop "&E" a_prop "&I" by meson
7256  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
7257  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
7258qed
7259
7260AOT_theorem "aclassical:3": Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
7261proof(rule GEN)
7262  fix R
7263  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
7264    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7265  AOT_have z [R]a] by "cqt:2[lambda]"
7266  (* TODO: S should no longer be necessary *)
7267  then AOT_obtain S where S_def: S = z [R]a]
7268    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
7269  AOT_have a_enc: a[S]
7270  proof (rule "raa-cor:1")
7271    AOT_assume 0: ¬a[S]
7272    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
7273      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
7274                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated]) 
7275    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
7276      using "cqt-further:4" "vdash-properties:10" by blast
7277    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
7278    AOT_hence (A!a & S = z [R]a])  a[S]
7279      by (metis "&I" "deduction-theorem" "raa-cor:3")
7280    moreover AOT_have S = z [R]a] using S_def .
7281    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7282    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
7283  qed
7284  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
7285    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
7286  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
7287    using "∃E"[rotated] by blast
7288  AOT_have 1: a  b
7289    apply (rule "≡dfI"[OF "=-infix"])
7290    using a_enc b_prop[THEN "&E"(2)]
7291    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7292  AOT_have a:  [R]a] = ([R]a)
7293    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7294    by (meson "log-prop-prop:2")
7295  AOT_have b:  [R]b] = ([R]b)
7296    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7297    by (meson "log-prop-prop:2")
7298  AOT_have  [R]a] =  [R]b]
7299    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
7300    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
7301    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
7302     apply (rule "rule=E"[rotated, OF S_def])
7303    using b_prop "&E" apply blast
7304    apply (safe intro!: "&I")
7305    by (simp add: "log-prop-prop:2")+
7306  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
7307    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)] "&I" by auto
7308  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
7309  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
7310qed
7311
7312AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
7313proof -
7314  AOT_have x y ([A!]x & [A!]y & x  y &
7315               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7316    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
7317       "cqt:2[lambda]"
7318  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
7319               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7320    using "∃E"[rotated] by blast
7321  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
7322               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7323    using "∃E"[rotated] by blast
7324  AOT_have z xy F ([F]x  [F]y)]zx]x
7325    apply (rule "β←C"(1))
7326      apply "cqt:2[lambda]"
7327     apply (fact "cqt:2[const_var]"[axiom_inst])
7328    apply (rule "β←C"(1))
7329      apply "cqt:2[lambda]"
7330    apply (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
7331    by (simp add: "oth-class-taut:3:a" "universal-cor")
7332  AOT_hence z xy F ([F]x  [F]y)]zy]x
7333    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
7334  AOT_hence xy F ([F]x  [F]y)]xy
7335    by (rule "β→C"(1))
7336  AOT_hence F ([F]x  [F]y)
7337    using "β→C"(1) old.prod.case by fast
7338  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y) using 0 "&E" "&I" by blast
7339  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
7340  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
7341qed
7342
7343AOT_theorem "kirchner-thm:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7344proof(rule "≡I"; rule "→I")
7345  AOT_assume x φ{x}]
7346  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
7347  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7348  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7349    AOT_modally_strict {
7350      fix x y
7351      AOT_assume 0: x φ{x}]
7352      moreover AOT_assume F([F]x  [F]y)
7353      ultimately AOT_have x φ{x}]x  x φ{x}]y
7354        using "∀E" by blast
7355      AOT_thus (φ{x}  φ{y})
7356        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7357    }
7358  qed
7359  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7360    using "→E" by blast
7361next
7362  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y}))  y(x(F([F]x  [F]y) & φ{x})  φ{y})
7363  proof(rule "RM:1"; rule "→I"; rule GEN)
7364    AOT_modally_strict {
7365      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7366      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
7367        using "∀E"(2) "→E" that by blast
7368      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
7369      proof (rule "raa-cor:1")
7370        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
7371        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y})  (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7372          using "≡E"(1) "oth-class-taut:4:h" by blast
7373        moreover {
7374          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
7375          AOT_obtain a where F([F]a  [F]y) & φ{a}
7376            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7377          AOT_hence φ{y} using indisc[THEN "≡E"(1)] "&E" by blast
7378          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7379        }
7380        moreover {
7381          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7382          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
7383            using "&E"(1) "cqt-further:4" "→E" by blast
7384          AOT_hence ¬(F([F]y  [F]y) & φ{y}) using "∀E" by blast
7385          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
7386            using "≡E"(1) "oth-class-taut:5:c" by blast
7387          moreover AOT_have F([F]y  [F]y) by (simp add: "oth-class-taut:3:a" "universal-cor")
7388          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
7389          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7390        }
7391        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7392      qed
7393    }
7394  qed
7395  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7396  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
7397    using "→E" by blast
7398  AOT_thus x φ{x}]
7399    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7400qed
7401
7402AOT_theorem "kirchner-thm:2": x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7403proof(rule "≡I"; rule "→I")
7404  AOT_assume x1...xn φ{x1...xn}]
7405  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "vdash-properties:10")
7406  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7407  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7408    AOT_modally_strict {
7409      fix x1xn y1yn :: 'a AOT_var›
7410      AOT_assume 0: x1...xn φ{x1...xn}]
7411      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7412      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn  x1...xn φ{x1...xn}]y1...yn
7413        using "∀E" by blast
7414      AOT_thus (φ{x1...xn}  φ{y1...yn})
7415        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7416    }
7417  qed
7418  ultimately AOT_show x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7419    using "→E" by blast
7420next
7421  AOT_have (x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))) 
7422            y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7423  proof(rule "RM:1"; rule "→I"; rule GEN)
7424    AOT_modally_strict {
7425      AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7426      AOT_hence indisc: φ{x1...xn}  φ{y1...yn} if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
7427        using "∀E"(2) "→E" that by blast
7428      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn} for y1yn
7429      proof (rule "raa-cor:1")
7430        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7431        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}) 
7432                    (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & φ{y1...yn})
7433          using "≡E"(1) "oth-class-taut:4:h" by blast
7434        moreover {
7435          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}
7436          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
7437            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7438          AOT_hence φ{y1...yn} using indisc[THEN "≡E"(1)] "&E" by blast
7439          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7440        }
7441        moreover {
7442          AOT_assume 0: (¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))) & φ{y1...yn})
7443          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
7444            using "&E"(1) "cqt-further:4" "→E" by blast
7445          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn}) using "∀E" by blast
7446          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
7447            using "≡E"(1) "oth-class-taut:5:c" by blast
7448          moreover AOT_have F([F]y1...yn  [F]y1...yn)
7449            by (simp add: "oth-class-taut:3:a" "universal-cor")
7450          ultimately AOT_have ¬φ{y1...yn} by (metis "¬¬I" "∨E"(2))
7451          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7452        }
7453        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7454      qed
7455    }
7456  qed
7457  moreover AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7458  ultimately AOT_have y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7459    using "→E" by blast
7460  AOT_thus x1...xn φ{x1...xn}]
7461    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7462qed
7463
7464AOT_theorem "kirchner-thm-cor:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7465proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7466  fix x y
7467  AOT_assume x φ{x}]
7468  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7469    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
7470  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7471    using CBF[THEN "→E"] by blast
7472  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7473    using "∀E" by blast
7474  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7475    using CBF[THEN "→E"] by blast
7476  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
7477    using "∀E" by blast
7478  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
7479    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7480  moreover AOT_assume F([F]x  [F]y)
7481  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
7482qed
7483
7484AOT_theorem "kirchner-thm-cor:2":
7485  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7486proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7487  fix x1xn y1yn
7488  AOT_assume x1...xn φ{x1...xn}]
7489  AOT_hence 0: x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7490    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
7491  AOT_have x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7492  proof(rule GEN; rule GEN)
7493    fix x1xn y1yn
7494    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7495      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
7496      using "∀E" by blast
7497  qed
7498  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7499    using "∀E" by blast
7500  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7501    using "∀E" by blast
7502  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7503    using "∀E" by blast
7504  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
7505    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7506  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7507  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2[lambda]"
7508  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn  x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7509    using "∀E" by blast
7510  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7511    apply (rule "β←C"(1))
7512      apply "cqt:2[lambda]"
7513     apply (fact "cqt:2[const_var]"[axiom_inst])
7514    by (simp add: RN GEN "oth-class-taut:3:a")
7515  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn using "≡E"(2) by blast
7516  AOT_hence F ([F]x1...xn  [F]y1...yn)
7517    using "β→C"(1) by blast
7518  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
7519qed
7520
7521AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
7522  "prop-prop1": Propositional([F]) df p(F = y p])
7523
7524AOT_theorem "prop-prop2:1": p y p]
7525  by (rule GEN) "cqt:2[lambda]"
7526
7527AOT_theorem "prop-prop2:2": ν φ]
7528  by "cqt:2[lambda]"
7529
7530AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
7531proof (rule "→I")
7532  AOT_assume 0: F = y p]
7533  AOT_show x([F]x  p)
7534    by (rule "rule=E"[rotated, OF 0[symmetric]]; rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
7535      "cqt:2[lambda]"
7536qed
7537
7538AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
7539proof(rule "→I")
7540  AOT_assume Propositional([F])
7541  AOT_hence p(F = y p]) using "≡dfE"[OF "prop-prop1"] by blast
7542  then AOT_obtain p where F = y p] using "∃E"[rotated] by blast
7543  AOT_hence (F = y p]) using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
7544  AOT_hence p (F = y p]) using "∃I" by fast
7545  AOT_hence 0: p (F = y p]) by (metis Buridan "vdash-properties:10")
7546  AOT_thus Propositional([F])
7547    using "prop-prop1"[THEN "≡Df"]
7548    by (AOT_subst Propositional([F]) p (F = y p])) auto
7549qed
7550
7551AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
7552  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
7553
7554AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
7555proof(rule "→I")
7556  AOT_assume Propositional([Π])
7557  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
7558  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
7559  AOT_show Indiscriminate([Π])
7560  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7561    AOT_show Π
7562      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
7563  next
7564    AOT_show (x [Π]x  x [Π]x)
7565    proof (rule "rule=E"[rotated, OF Π_def[symmetric]]; rule RN; rule "→I"; rule GEN)
7566      AOT_modally_strict {
7567        AOT_assume x y p]x
7568        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
7569        AOT_hence 0: p by (metis "β→C"(1))
7570        AOT_show y p]x for x
7571          apply (rule "β←C"(1))
7572            apply "cqt:2[lambda]"
7573           apply (fact "cqt:2[const_var]"[axiom_inst])
7574          by (fact 0)
7575      }
7576    qed
7577  qed
7578qed
7579
7580AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
7581proof (rule "→I")
7582  AOT_assume Necessary([F])
7583  AOT_hence 0: x1...∀xn [F]x1...xn using "≡dfE"[OF "contingent-properties:1"] by blast
7584  AOT_show Indiscriminate([F])
7585    by (rule "≡dfI"[OF "prop-indis"])
7586       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "vdash-properties:6") 
7587qed
7588
7589AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
7590proof (rule "→I")
7591  AOT_modally_strict {
7592    AOT_have x ¬[F]x  (x [F]x  x [F]x)
7593      by (metis "instantiation" "cqt-orig:3" "Hypothetical Syllogism" "deduction-theorem" "raa-cor:3")
7594  }
7595  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
7596    by (rule "RM:1")
7597  AOT_assume Impossible([F])
7598  AOT_hence x ¬[F]x using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
7599  AOT_hence 1: (x [F]x  x [F]x) using 0 "→E" by blast
7600  AOT_show Indiscriminate([F])
7601    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7602       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
7603qed
7604
7605AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
7606proof(rule "raa-cor:2")
7607  AOT_assume Indiscriminate([E!])
7608  AOT_hence 0: (x [E!]x  x [E!]x)
7609    using "≡dfE"[OF "prop-indis"] "&E" by blast
7610  AOT_hence x [E!]x  x [E!]x
7611    using "KBasic:13" "vdash-properties:10" by blast
7612  moreover AOT_have x [E!]x
7613    by (simp add: "thm-cont-e:3")
7614  ultimately AOT_have x [E!]x
7615    by (metis "vdash-properties:6")
7616  AOT_thus p & ¬p for p
7617    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
7618qed
7619
7620AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
7621proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]]; rule "raa-cor:2")
7622  AOT_assume Indiscriminate(x ¬[E!]x])
7623  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
7624    using "≡dfE"[OF "prop-indis"] "&E" by blast
7625  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
7626    using "→E" "qml:1" "vdash-properties:1[2]" by blast
7627  moreover AOT_have x x ¬[E!]x]x
7628    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
7629    apply (rule "beta-C-meta"[THEN "→E"])
7630     apply "cqt:2[lambda]"
7631    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2" "o-objects-exist:5" "vdash-properties:10")
7632  ultimately AOT_have 1: x x ¬[E!]x]x
7633    by (metis "vdash-properties:6")
7634  AOT_hence x ¬[E!]x
7635    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
7636       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
7637  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
7638  moreover AOT_obtain a where abs_a: O!a
7639    using "instantiation" "o-objects-exist:1" "qml:2" "vdash-properties:1[2]" "vdash-properties:6" by blast
7640  ultimately AOT_have ¬[E!]a using "∀E" by blast
7641  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
7642  AOT_have A!a
7643    apply (rule "=dfI"(2)[OF AOT_abstract])
7644     apply "cqt:2[lambda]"
7645    apply (rule "β←C"(1))
7646      apply "cqt:2[lambda]"
7647    using "cqt:2[const_var]"[axiom_inst] apply blast
7648    by (fact 2)
7649  AOT_thus p & ¬p for p using abs_a
7650    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
7651qed
7652
7653AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
7654proof(rule "raa-cor:2")
7655  AOT_assume Indiscriminate(O!)
7656  AOT_hence 0: (x O!x  x O!x)
7657    using "≡dfE"[OF "prop-indis"] "&E" by blast
7658  AOT_hence x O!x  x O!x
7659    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7660  moreover AOT_have x O!x
7661    using "o-objects-exist:1" by blast
7662  ultimately AOT_have x O!x
7663    by (metis "vdash-properties:6")
7664  AOT_thus p & ¬p for p
7665    by (metis "o-objects-exist:3" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7666qed
7667
7668AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
7669proof(rule "raa-cor:2")
7670  AOT_assume Indiscriminate(A!)
7671  AOT_hence 0: (x A!x  x A!x)
7672    using "≡dfE"[OF "prop-indis"] "&E" by blast
7673  AOT_hence x A!x  x A!x
7674    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7675  moreover AOT_have x A!x
7676    using "o-objects-exist:2" by blast
7677  ultimately AOT_have x A!x
7678    by (metis "vdash-properties:6")
7679  AOT_thus p & ¬p for p
7680    by (metis "o-objects-exist:4" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7681qed
7682
7683AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
7684  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
7685
7686AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
7687  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
7688
7689AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
7690  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
7691
7692AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
7693  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
7694
7695AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
7696proof(rule "→I")
7697  AOT_assume p (F = y p])
7698  AOT_hence p (F = y p])
7699    by (metis "BF◇" "vdash-properties:10")
7700  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7701  AOT_hence F = y p] by (metis "derived-S5-rules:2" emptyE "id-nec:2" "vdash-properties:6")
7702  AOT_thus p(F = y p]) by (rule "∃I")
7703qed
7704
7705AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
7706proof(rule "→I")
7707  AOT_assume p (F  y p])
7708  AOT_hence (F  y p]) for p
7709    using "∀E" by blast
7710  AOT_hence (F  y p]) for p
7711    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7712  AOT_hence p (F  y p]) by (rule GEN)
7713  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
7714qed
7715
7716AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
7717proof(rule "→I")
7718  AOT_assume p (F = y p])
7719  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7720  AOT_hence (F = y p]) by (metis "id-nec:2" "vdash-properties:6")
7721  AOT_hence p(F = y p]) by (rule "∃I")
7722  AOT_thus p(F = y p]) by (metis Buridan "vdash-properties:10")
7723qed
7724
7725AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
7726proof(rule "→I")
7727  AOT_assume p (F  y p])
7728  AOT_hence p (F  y p]) by (metis "Buridan◇" "vdash-properties:10")
7729  AOT_hence (F  y p]) for p
7730    using "∀E" by blast
7731  AOT_hence F  y p] for p
7732    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7733  AOT_thus p (F  y p]) by (rule GEN)
7734qed
7735
7736AOT_theorem "enc-prop-nec:1": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7737proof(rule "→I"; rule GEN; rule "→I")
7738  fix F
7739  AOT_assume F (x[F]  p(F = y p]))
7740  AOT_hence F (x[F]  p(F = y p]))
7741    using "Buridan◇" "vdash-properties:10" by blast
7742  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
7743  AOT_assume x[F]
7744  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
7745  AOT_hence p(F = y p])
7746    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
7747  AOT_thus p(F = y p])
7748    using "prop-prop-nec:1"[THEN "→E"] by blast
7749qed
7750
7751AOT_theorem "enc-prop-nec:2": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7752  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
7753  by blast
7754
7755(*<*)
7756end
7757(*>*)